Changes between Version 3 and Version 4 of DirectoryAuthPlugin
- Timestamp:
- Sep 18, 2012, 11:14:39 AM (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
DirectoryAuthPlugin
v3 v4 1 1 [[PageOutline(2-5,Contents,pullout)]] 2 = ActiveDirectory Auth Plugin =2 = Directory Auth Plugin = 3 3 4 4 '''NOTE:''' Major changes from 0.3 5 - renamed to DirectoryAuthPlugin 5 6 - conf variables are renamed for standardization 6 7 - now more directory type agnostic … … 9 10 == Description == 10 11 11 The ActiveDirectory Auth Plugin is a password store for the AccountManagerPlugin that provides authentication and groups from Active Directory.12 The Directory Auth Plugin is a password store for the AccountManagerPlugin that provides authentication and groups from Active Directory. 12 13 13 Users are authenticated by performing an ldap_bind against the AD server using their credentials. The plugin will also pull the email address and display name from ActiveDirectory and populate the `session_attribute` table. See [http://pacopablo.com/blog/pacopablo/blog/set-assign-to-drop-down Populating ''Assign To'' Drop Down in Trac] for more information on why.14 Users are authenticated by performing an ldap_bind against an LDAP or AD server using their credentials. The plugin will also pull the email address and displayName from Directory and populate the `session_attribute` table. See [http://pacopablo.com/blog/pacopablo/blog/set-assign-to-drop-down Populating ''Assign To'' Drop Down in Trac] for more information on why. 14 15 15 16 == Groups == 16 17 - One can specify a group which users must be a member of in order to log in. 17 18 - Additionally, one may specify an ''admin'' group. If a user is a member of the ''admin'' group, then they will automatically be granted the `TRAC_ADMIN` permission. 18 - Finally, !ActiveDirectory groups are extended into the trac namespace. They can be used to extend permissions by ADgroup.19 - ADgroups are prefixed by @19 - Finally, Directory groups are extended into the trac namespace. They can be used to extend permissions by group. 20 - directory groups are prefixed by @ 20 21 - group names are lowercase and spaces are replaced with underscores. 21 22