Configuring an authentication through Active Directory
This function provides the possibility to use Active Directory accounts
(identifier and password) as a mean of authentication in Ovidentia.
In order to use this function, the PHP LDAP extension must be installed.
Choose Sites in the Administration section. Click the link corresponding to the name of your site in the list and then choose Authentication configuration.
Select Active Directory in the Authentication list to display the Active Directory authentication configuration form.
Now check the Allow administrators to connect if LDAP authentication fails box and fill in the mandatory fields:
- Host: IP Address of the AD server
- Domain name: AD Domain, eg.: MyDomain.MyTLD
- Search base: eg.: CN=Users,DC=MyDomain,DC=MyTLD
- Last Name: sn
- First Name: givenname
- E-mail address: mail
You can also fill in the other fields (Photo, Phone, Fax ...)
Here is the (non-exhaustive) list of equivalence between Ovidentia fields and Active Directory attributes :
- Department = department
- Business Phone = telephonenumber
- Mobile Phone = mobile
- Home Phone = homephone
- Business Fax = facsimiletelephonenumber
- Title = title
- Company = company
- Business Street = streetadress
- Business Postal Code = postalcode
- Business State = st
- Business Country = co