tachtler:phpldapadmin_centos_7
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung | ||
tachtler:phpldapadmin_centos_7 [2014/12/09 14:27] – [/etc/phpldapadmin/config.php] klaus | tachtler:phpldapadmin_centos_7 [2021/01/01 12:43] (aktuell) – [/usr/share/phpldapadmin/locale/de_DE/LC_MESSAGES/messages.mo] klaus | ||
---|---|---|---|
Zeile 841: | Zeile 841: | ||
<code php> | <code php> | ||
+ | <?php | ||
+ | /** NOTE ** | ||
+ | ** Make sure that <?php is the FIRST line of this file! | ||
+ | ** IE: There should NOT be any blank lines or spaces BEFORE <?php | ||
+ | **/ | ||
+ | |||
+ | /** | ||
+ | * The phpLDAPadmin config file | ||
+ | * See: http:// | ||
+ | * | ||
+ | * This is where you can customise some of the phpLDAPadmin defaults | ||
+ | * that are defined in config_default.php. | ||
+ | * | ||
+ | * To override a default, use the $config-> | ||
+ | * For example, the default for defining the language in config_default.php | ||
+ | * | ||
+ | * $this-> | ||
+ | | ||
+ | | ||
+ | * | ||
+ | * to override this, use $config-> | ||
+ | * | ||
+ | * This file is also used to configure your LDAP server connections. | ||
+ | * | ||
+ | * You must specify at least one LDAP server there. You may add | ||
+ | * as many as you like. You can also specify your language, and | ||
+ | * many other options. | ||
+ | * | ||
+ | * NOTE: Commented out values in this file prefixed by //, represent the | ||
+ | * defaults that have been defined in config_default.php. | ||
+ | * Commented out values prefixed by #, dont reflect their default value, you can | ||
+ | * check config_default.php if you want to see what the default is. | ||
+ | * | ||
+ | * DONT change config_default.php, | ||
+ | * of PLA. Instead change this file - as it will NOT be replaced by a new | ||
+ | * version of phpLDAPadmin. | ||
+ | */ | ||
+ | |||
+ | / | ||
+ | * Useful important configuration overrides | ||
+ | | ||
+ | |||
+ | /* If you are asked to put PLA in debug mode, this is how you do it: */ | ||
+ | # $config-> | ||
+ | # $config-> | ||
+ | # $config-> | ||
+ | |||
+ | /* phpLDAPadmin can encrypt the content of sensitive cookies if you set this | ||
+ | to a big random string. */ | ||
+ | $config-> | ||
+ | |||
+ | /* If your auth_type is http, you can override your HTTP Authentication Realm. */ | ||
+ | // $config-> | ||
+ | |||
+ | /* The language setting. If you set this to ' | ||
+ | to determine your language automatically. Otherwise, available lanaguages | ||
+ | are: ' | ||
+ | | ||
+ | | ||
+ | // $config-> | ||
+ | # Tachtler | ||
+ | $config-> | ||
+ | |||
+ | /* The temporary storage directory where we will put jpegPhoto data | ||
+ | This directory must be readable and writable by your web server. */ | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | |||
+ | /* Set this to (bool)true if you do NOT want a random salt used when | ||
+ | | ||
+ | | ||
+ | | ||
+ | # $config-> | ||
+ | |||
+ | /* PHP script timeout control. If php runs longer than this many seconds then | ||
+ | PHP will stop with an Maximum Execution time error. Increase this value from | ||
+ | the default if queries to your LDAP server are slow. The default is either | ||
+ | 30 seconds or the setting of max_exection_time if this is null. */ | ||
+ | // $config-> | ||
+ | |||
+ | // $config-> | ||
+ | |||
+ | // $config-> | ||
+ | # $config-> | ||
+ | |||
+ | /* Our local timezone | ||
+ | This is to make sure that when we ask the system for the current time, we | ||
+ | get the right local time. If this is not set, all time() calculations will | ||
+ | | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | # Tachtler | ||
+ | $config-> | ||
+ | |||
+ | / | ||
+ | * Commands | ||
+ | | ||
+ | |||
+ | /* Command availability ; if you don't authorize a command the command | ||
+ | links will not be shown and the command action will not be permitted. | ||
+ | For better security, set also ACL in your ldap directory. */ | ||
+ | /* | ||
+ | $config-> | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ); | ||
+ | |||
+ | $config-> | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ); | ||
+ | */ | ||
+ | |||
+ | / | ||
+ | * Appearance | ||
+ | | ||
+ | |||
+ | /* If you want to choose the appearance of the tree, specify a class name which | ||
+ | | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | |||
+ | /* Just show your custom templates. */ | ||
+ | // $config-> | ||
+ | |||
+ | /* Disable the default template. */ | ||
+ | // $config-> | ||
+ | |||
+ | /* Hide the warnings for invalid objectClasses/ | ||
+ | // $config-> | ||
+ | # Tachtler | ||
+ | $config-> | ||
+ | |||
+ | /* Configure what objects are shown in left hand tree */ | ||
+ | // $config-> | ||
+ | |||
+ | /* The height and width of the tree. If these values are not set, then | ||
+ | no tree scroll bars are provided. */ | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | |||
+ | /* Confirm create and update operations, allowing you to review the changes | ||
+ | and optionally skip attributes during the create/ | ||
+ | // $config-> | ||
+ | // $config-> | ||
+ | |||
+ | /* Confirm copy operations, and treat them like create operations. This allows | ||
+ | you to edit the attributes (thus changing any that might conflict with | ||
+ | | ||
+ | // $config-> | ||
+ | |||
+ | # Tachtler - new - | ||
+ | /* Disable HTTP-LOGO-Download from sourceforge */ | ||
+ | $config-> | ||
+ | |||
+ | / | ||
+ | * User-friendly attribute translation | ||
+ | | ||
+ | |||
+ | /* Use this array to map attribute names to user friendly names. For example, if | ||
+ | you don't want to see " | ||
+ | // $config-> | ||
+ | $config-> | ||
+ | # Tachtler | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | ); | ||
+ | |||
+ | / | ||
+ | * Hidden attributes | ||
+ | | ||
+ | |||
+ | /* You may want to hide certain attributes from being edited. If you want to | ||
+ | hide attributes from the user, you should use your LDAP servers ACLs. | ||
+ | NOTE: The user must be able to read the hide_attrs_exempt entry to be | ||
+ | | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | |||
+ | /* Members of this list will be exempt from the hidden attributes. */ | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | |||
+ | / | ||
+ | * Read-only attributes | ||
+ | | ||
+ | |||
+ | /* You may want to phpLDAPadmin to display certain attributes as read only, | ||
+ | | ||
+ | | ||
+ | | ||
+ | NOTE: The user must be able to read the readonly_attrs_exempt entry to be | ||
+ | | ||
+ | // $config-> | ||
+ | |||
+ | /* Members of this list will be exempt from the readonly attributes. */ | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | |||
+ | / | ||
+ | * Group attributes | ||
+ | | ||
+ | |||
+ | /* Add " | ||
+ | // $config-> | ||
+ | |||
+ | /* Configure filter for member search. This only applies to " | ||
+ | // $config-> | ||
+ | |||
+ | /* Attribute that is added to the group member attribute. */ | ||
+ | // $config-> | ||
+ | |||
+ | /* For Posix attributes */ | ||
+ | // $config-> | ||
+ | // $config-> | ||
+ | // $config-> | ||
+ | |||
+ | / | ||
+ | * Support for attrs display order * | ||
+ | | ||
+ | |||
+ | /* Use this array if you want to have your attributes displayed in a specific | ||
+ | | ||
+ | For example, " | ||
+ | | ||
+ | | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ); | ||
+ | |||
+ | / | ||
+ | * Define your LDAP servers in this section | ||
+ | | ||
+ | |||
+ | $servers = new Datastore(); | ||
+ | |||
+ | /* $servers-> | ||
+ | | ||
+ | $servers-> | ||
+ | |||
+ | /* A convenient name that will appear in the tree viewer and throughout | ||
+ | | ||
+ | # Tachtler | ||
+ | # default: $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | /* Examples: | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | (Unix socket at / | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | $servers-> | ||
+ | |||
+ | /* The port your LDAP server listens on (no quotes). 389 is standard. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* Four options for auth_type: | ||
+ | 1. ' | ||
+ | store your login dn and password. | ||
+ | 2. ' | ||
+ | web server in a persistent session variable. | ||
+ | 3. ' | ||
+ | HTTP authentication. | ||
+ | 4. ' | ||
+ | login will be required to use phpLDAPadmin for this server. | ||
+ | |||
+ | | ||
+ | your situation. If you choose ' | ||
+ | | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or | ||
+ | ' | ||
+ | you specify a login_attr in conjunction with a cookie or session auth_type, | ||
+ | then you can also specify the bind_id/ | ||
+ | | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | # Tachtler | ||
+ | $servers-> | ||
+ | |||
+ | /* Your LDAP password. If you specified an empty bind_id above, this MUST also | ||
+ | be blank. */ | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | |||
+ | /* Use TLS (Transport Layer Security) to connect to the LDAP server. */ | ||
+ | // $servers-> | ||
+ | |||
+ | / | ||
+ | | ||
+ | | ||
+ | |||
+ | /* Enable SASL authentication LDAP SASL authentication requires PHP 5.x | ||
+ | | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* SASL auth mechanism */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* SASL authentication realm name */ | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | |||
+ | /* SASL authorization ID name | ||
+ | If this option is undefined, authorization id will be computed from bind DN, | ||
+ | using sasl_authz_id_regex and sasl_authz_id_replacement. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* SASL authorization id regex and replacement | ||
+ | When sasl_authz_id property is not set (default), phpLDAPAdmin will try to | ||
+ | | ||
+ | |||
+ | This procedure is done by calling preg_replace() php function in the | ||
+ | | ||
+ | |||
+ | | ||
+ | $bind_dn); | ||
+ | |||
+ | For info about pcre regexes, see: | ||
+ | - pcre(3), perlre(3) | ||
+ | - http:// | ||
+ | // $servers-> | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | # $servers-> | ||
+ | |||
+ | /* SASL auth security props. | ||
+ | See http:// | ||
+ | // $servers-> | ||
+ | |||
+ | /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5, | ||
+ | | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | # default: $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | /* If you specified ' | ||
+ | | ||
+ | ' | ||
+ | and log in as that user. | ||
+ | Leave blank or specify ' | ||
+ | your LDAP server requires you to login to perform searches, you can enter the | ||
+ | DN to use when searching in ' | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | # default: $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | /* Base DNs to used for logins. If this value is not set, then the LDAP server | ||
+ | Base DNs are used. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* If ' | ||
+ | at login, you may restrict the search to a specific objectClasses. EG, set this | ||
+ | to array(' | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* If you specified something different from ' | ||
+ | | ||
+ | | ||
+ | This is useful, when users should be able to log in with their uid, but | ||
+ | the ldap administrator wants to log in with his root-dn, that does not | ||
+ | | ||
+ | When using this feature, login_class is ignored. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* Specify true If you want phpLDAPadmin to not display or permit any | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* Specify false if you do not want phpLDAPadmin to draw the ' | ||
+ | in the tree viewer. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* This feature allows phpLDAPadmin to automatically determine the next | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* The mechanism to use when finding the next available uidNumber. Two possible | ||
+ | | ||
+ | The ' | ||
+ | | ||
+ | for entries with a uidNumber value and finds the first available uidNumber | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* The DN of the search base when the ' | ||
+ | # $servers-> | ||
+ | |||
+ | /* The minimum number to use when searching for the next available number | ||
+ | (only when ' | ||
+ | // $servers-> | ||
+ | |||
+ | /* If you set this, then phpldapadmin will bind to LDAP with this user ID when | ||
+ | | ||
+ | | ||
+ | may not), so that you can be guaranteed to get a unique uidnumber for your | ||
+ | | ||
+ | // $servers-> | ||
+ | |||
+ | /* The password for the dn above. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* Enable anonymous bind login. */ | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | $servers-> | ||
+ | |||
+ | /* Use customized page with prefix when available. */ | ||
+ | # $servers-> | ||
+ | |||
+ | /* If you set this, then only these DNs are allowed to log in. This array can | ||
+ | | ||
+ | the user has not authenticated yet, so this will be an anonymous search to | ||
+ | the LDAP server, so make your ACLs allow these searches to return results! */ | ||
+ | # $servers-> | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | |||
+ | /* Set this if you dont want this LDAP server to show in the tree */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* This is the time out value in minutes for the server. After as many minutes | ||
+ | of inactivity you will be automatically logged out. If not set, the default | ||
+ | value will be ( session_cache_expire()-1 ) */ | ||
+ | # $servers-> | ||
+ | |||
+ | /* Set this if you want phpldapadmin to perform rename operation on entry which | ||
+ | has children. Certain servers are known to allow it, certain are not. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* If you set this, then phpldapadmin will show these attributes as | ||
+ | | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | |||
+ | /* If you set this, then phpldapadmin will show these attributes on | ||
+ | | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | |||
+ | /* These attributes will be forced to MAY attributes and become option in the | ||
+ | | ||
+ | as per normal template processing. You may want to do this because your LDAP | ||
+ | | ||
+ | In Fedora Directory Server using the DNA Plugin one could ignore uidNumber, | ||
+ | | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | |||
+ | / | ||
+ | * Unique attributes | ||
+ | | ||
+ | |||
+ | /* You may want phpLDAPadmin to enforce some attributes to have unique values | ||
+ | (ie: not belong to other entries in your tree. This (together with | ||
+ | ' | ||
+ | occur with other attributes have the same value. */ | ||
+ | # $servers-> | ||
+ | |||
+ | /* If you set this, then phpldapadmin will bind to LDAP with this user ID when | ||
+ | | ||
+ | | ||
+ | that you can be guaranteed to get a unique uidnumber for your directory. */ | ||
+ | // $servers-> | ||
+ | |||
+ | /* The password for the dn above. */ | ||
+ | // $servers-> | ||
+ | |||
+ | / | ||
+ | * If you want to configure additional LDAP servers, do so below. | ||
+ | * Remove the commented lines and use this section as a template for all * | ||
+ | * your other LDAP servers. | ||
+ | | ||
+ | |||
+ | /* | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | # SASL auth | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | $servers-> | ||
+ | */ | ||
+ | ?> | ||
</ | </ | ||
+ | Nachfolgend die Erklärungen zu den **Änderungen** in der oben **vollständig** gezeigten Konfigurationsdatei. | ||
+ | === Sprache === | ||
+ | |||
+ | <code php> | ||
+ | /* The language setting. If you set this to ' | ||
+ | to determine your language automatically. Otherwise, available lanaguages | ||
+ | are: ' | ||
+ | | ||
+ | | ||
+ | // $config-> | ||
+ | # Tachtler | ||
+ | $config-> | ||
+ | </ | ||
+ | |||
+ | * //Die Standardsprache wird hier auf **de_DE** (deutsch) gesetzt// | ||
+ | |||
+ | === Zeitzone === | ||
+ | |||
+ | <code php> | ||
+ | /* Our local timezone | ||
+ | This is to make sure that when we ask the system for the current time, we | ||
+ | get the right local time. If this is not set, all time() calculations will | ||
+ | | ||
+ | // $config-> | ||
+ | # $config-> | ||
+ | # Tachtler | ||
+ | $config-> | ||
+ | </ | ||
+ | |||
+ | * //Die Zeitzone wird hier auf **Europe/ | ||
+ | |||
+ | === Fehlermeldungen zu ungültigen Objekten in Vorlagen === | ||
+ | |||
+ | <code php> | ||
+ | /* Hide the warnings for invalid objectClasses/ | ||
+ | // $config-> | ||
+ | # Tachtler | ||
+ | $config-> | ||
+ | </ | ||
+ | |||
+ | * // | ||
+ | |||
+ | === LOGO-Download unterbinden === | ||
+ | |||
+ | <code php> | ||
+ | # Tachtler - new - | ||
+ | /* Disable HTTP-LOGO-Download from sourceforge */ | ||
+ | $config-> | ||
+ | </ | ||
+ | |||
+ | * // | ||
+ | |||
+ | === Benutzerfreundliche Feldnamen === | ||
+ | |||
+ | <code php> | ||
+ | /* Use this array to map attribute names to user friendly names. For example, if | ||
+ | you don't want to see " | ||
+ | // $config-> | ||
+ | $config-> | ||
+ | # Tachtler | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # default: | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | # ' | ||
+ | ); | ||
+ | </ | ||
+ | |||
+ | * //Die Übersetzung einieger Feldnamen in benutzerfreundliche Bezeichnungen soll, um keine verfälschte Ausgabe zu erzeugen, unterbunden werden// | ||
+ | |||
+ | === Anzeige LDAP-Server Name === | ||
+ | |||
+ | <code php> | ||
+ | /* A convenient name that will appear in the tree viewer and throughout | ||
+ | | ||
+ | # Tachtler | ||
+ | # default: $servers-> | ||
+ | $servers-> | ||
+ | |||
+ | </ | ||
+ | |||
+ | * //Der Name des LDAP-Servers im Objektbaum// | ||
+ | |||
+ | === LDAP-URL === | ||
+ | |||
+ | <code php> | ||
+ | /* Examples: | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | (Unix socket at / | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | $servers-> | ||
+ | </ | ||
+ | |||
+ | * //Die URL zum LDAP-Server - **hier eine URL mit SSL/ | ||
+ | |||
+ | === LDAP BIND ID === | ||
+ | |||
+ | <code php> | ||
+ | /* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or | ||
+ | ' | ||
+ | you specify a login_attr in conjunction with a cookie or session auth_type, | ||
+ | then you can also specify the bind_id/ | ||
+ | | ||
+ | // $servers-> | ||
+ | # $servers-> | ||
+ | # Tachtler | ||
+ | $servers-> | ||
+ | </ | ||
+ | |||
+ | * //Der Benutzer, bzw. das Objekt, mit dessen die Authentifizierung durchgeführt werden soll **Standard ist hier das Manager-Objekt**// | ||
+ | |||
+ | === Standard Passwort Algorithmus === | ||
+ | |||
+ | <code php> | ||
+ | /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5, | ||
+ | | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | # default: $servers-> | ||
+ | $servers-> | ||
+ | </ | ||
+ | |||
+ | * //Hier aufgrund der gestiegenen Sicherheitsanforderungen **ssha** und __**NICHT**__ mehr md5// | ||
+ | |||
+ | === Login Attribut === | ||
+ | |||
+ | <code php> | ||
+ | /* If you specified ' | ||
+ | | ||
+ | ' | ||
+ | and log in as that user. | ||
+ | Leave blank or specify ' | ||
+ | your LDAP server requires you to login to perform searches, you can enter the | ||
+ | DN to use when searching in ' | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | # default: $servers-> | ||
+ | $servers-> | ||
+ | </ | ||
+ | |||
+ | :!: **WICHTIG** - //Der Standard ist **dn** und __**NICHT**__ uid !!!// | ||
+ | |||
+ | === Anonymous BIND === | ||
+ | |||
+ | <code php> | ||
+ | /* Enable anonymous bind login. */ | ||
+ | // $servers-> | ||
+ | # Tachtler | ||
+ | $servers-> | ||
+ | </ | ||
+ | |||
+ | :!: **WICHTIG** //Falls der OpenLDAP-Server keinen **anonymous bind** erlaubt, kann dies hier deaktiviert werden !!!// | ||
+ | |||
+ | Bei der Konfiguration eines [[http:// | ||
+ | * [[tachtler: | ||
+ | |||
+ | ==== Apache VHOST-Konfiguration ==== | ||
+ | |||
+ | Es soll **__anstelle__ der mitgelieferten Konfigurationsdatei** in nachfolgendem Verzeichnis, | ||
+ | * ''/ | ||
+ | ein **virtueller Host** im [[http:// | ||
+ | |||
+ | Siehe dazu auch nachfolgende interne Links: | ||
+ | * [[tachtler: | ||
+ | * [[tachtler: | ||
+ | * [[tachtler: | ||
+ | |||
+ | Dazu soll zuerst die **mitgelieferte Konfigurationsdatei** mit nachfolgendem Befehl **kopiert** werden: | ||
+ | < | ||
+ | # cp -a / | ||
+ | </ | ||
+ | |||
+ | Anschließend kann dann der Inhalt der Konfigurationsdatei ''/ | ||
+ | |||
+ | (**Komplette Konfigurationsdatei**) | ||
+ | <code apache> | ||
+ | # | ||
+ | # phpldapadmin.tachtler.net (phpLDAPadmin for OpenLDAP) | ||
+ | # | ||
+ | < | ||
+ | ServerAdmin webmaster@tachtler.net | ||
+ | ServerName phpldapadmin.tachtler.net | ||
+ | ServerAlias www.phpldapadmin.tachtler.net | ||
+ | ServerPath / | ||
+ | DocumentRoot "/ | ||
+ | < | ||
+ | Options -Indexes +FollowSymLinks | ||
+ | # Tachtler (enable for .htaccess file support) | ||
+ | # AllowOverride AuthConfig | ||
+ | AllowOverride None | ||
+ | # Tachtler (enable for unlimited access) | ||
+ | Require all granted | ||
+ | </ | ||
+ | |||
+ | DirectoryIndex index.php | ||
+ | |||
+ | ErrorLog logs/ | ||
+ | SetEnvIf X-Forwarded-For " | ||
+ | CustomLog logs/ | ||
+ | CustomLog logs/ | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | ===== Apache Neustart ===== | ||
+ | |||
+ | Nach Durchführung der vorhergehenden **Konfigurationsschritte**, | ||
+ | < | ||
+ | # systemctl restart httpd.service | ||
+ | </ | ||
+ | |||
+ | :!: **HINWEIS** - **Es erfolgen __keine__ weiteren Ausgaben, wenn der Start erfolgreich war !** | ||
+ | |||
+ | ===== Erster Aufruf ===== | ||
+ | |||
+ | Nachdem die Installation und die Basis-Konfiguration abgeschlossen sind, kann nun der erste Aufruf mit nachfolgender URL erfolgen: | ||
+ | * [[http:// | ||
+ | wodurch nachfolgender Bildschirm zur Anzeige kommen sollte, in dem die Anmeldedaten nun eingegeben werden müssen, um eine erfolgreiche Anmeldung durchzuführen: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | ===== Fehlerbehebung ===== | ||
+ | |||
+ | ==== / | ||
+ | |||
+ | Bei der Anzeige eines Objekt im LDAP-Baum, wir der Eintrag für | ||
+ | * '' | ||
+ | nicht angezeigt, stattdessen kommt nachfolgende Anzeige zum vorschein: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | Nachfolgend die fehlerhafte Darstellung: | ||
+ | < | ||
+ | ../ | ||
+ | ../ | ||
+ | ../ | ||
+ | ../ | ||
+ | </ | ||
+ | |||
+ | Diese fehlerhafte Anzeige, kann durch Austausch der aktuellen **Sprachdatei** | ||
+ | * **''/ | ||
+ | durch die Version, welche in Vorgängerversion von [[http:// | ||
+ | |||
+ | Das gesammte **phpldapadmin-1.2.2.zip-Archiv** oder **phpldapadmin-1.2.2.tgz-Archiv**, | ||
+ | * [[https:// | ||
+ | < | ||
+ | # wget -P /tmp/ https:// | ||
+ | 1.2.2.tgz/ | ||
+ | --2017-07-31 09: | ||
+ | / | ||
+ | Resolving sourceforge.net (sourceforge.net)... 216.34.181.60 | ||
+ | Connecting to sourceforge.net (sourceforge.net)|216.34.181.60|: | ||
+ | HTTP request sent, awaiting response... 302 Found | ||
+ | Location: https:// | ||
+ | 1.2.2.tgz? | ||
+ | --2017-07-31 09: | ||
+ | / | ||
+ | Resolving downloads.sourceforge.net (downloads.sourceforge.net)... 216.34.181.59 | ||
+ | Connecting to downloads.sourceforge.net (downloads.sourceforge.net)|216.34.181.59|: | ||
+ | HTTP request sent, awaiting response... 302 Found | ||
+ | Location: https:// | ||
+ | 1.2.2.tgz [following] | ||
+ | --2017-07-31 09: | ||
+ | / | ||
+ | Resolving netcologne.dl.sourceforge.net (netcologne.dl.sourceforge.net)... 78.35.24.46, | ||
+ | Connecting to netcologne.dl.sourceforge.net (netcologne.dl.sourceforge.net)|78.35.24.46|: | ||
+ | HTTP request sent, awaiting response... 200 OK | ||
+ | Length: 1415565 (1.3M) [application/ | ||
+ | Saving to: ‘/ | ||
+ | |||
+ | 100%[======================================> | ||
+ | |||
+ | 2017-07-31 09:32:11 (1.24 MB/s) - ‘/ | ||
+ | </ | ||
+ | |||
+ | Nach dem entpacken des z.B. '' | ||
+ | < | ||
+ | # tar xzvf / | ||
+ | </ | ||
+ | und im Verzeichnis ''/ | ||
+ | * '' | ||
+ | erstellt. | ||
+ | |||
+ | Anschließend kann eine Sicherungskopie der **Sprachdatei** ''/ | ||
+ | < | ||
+ | # cp -a / | ||
+ | </ | ||
+ | |||
+ | Jetzt kann die **Sprachdatei** ''/ | ||
+ | < | ||
+ | # cp -a / | ||
+ | </ | ||
+ | |||
+ | Für zukünftige Updates von [[http:// | ||
+ | < | ||
+ | # cp -a / | ||
+ | </ | ||
+ | |||
+ | Zum Abschluss kann nun noch die heruntergeladene [[http:// | ||
+ | < | ||
+ | # rm -rf / | ||
+ | # rm / | ||
+ | </ | ||
+ | |||
+ | Nach Durchführung der vorhergehenden **Konfigurationsschritte**, | ||
+ | < | ||
+ | # systemctl restart httpd.service | ||
+ | </ | ||
+ | bzw. | ||
+ | < | ||
+ | # systemctl restart httpd.service php-fpm.service | ||
+ | </ | ||
+ | |||
+ | :!: **HINWEIS** - **Es erfolgen __keine__ weiteren Ausgaben, wenn der Start erfolgreich war !** | ||
+ | |||
+ | Anschließend sollte die Anzeige dann wie folgt aussehen: | ||
- | :!: FIXME **Hier geht es weiter... / under construction ** FIXME :!: | + | {{:tachtler:phpldapadmin: |
tachtler/phpldapadmin_centos_7.1418131641.txt.gz · Zuletzt geändert: 2014/12/09 14:27 von klaus