Version 5 (modified by anonymous, 6 years ago) (diff)


I'm not the developer or maintainer of the LDAPAuthPlugin, and this is not a real reference; just some quick notes on using LDAPAuthPlugin with a standalone tracd:


I'm using tracd to serve multiple projects, and have a global trac.ini:

bind_dn =<bind DN>
;e.g. bind_dn = uid=%s,ou=people,dc=foo,dc=bar,dc=moo

server = <ldap server address>

trac.web.auth.LoginModule = disabled
acct_mgr.admin.accountmanageradminpage = enabled
acct_mgr.api.accountmanager = enabled
acct_mgr.web_ui.LoginModule = enabled
; be sure to enable the component = enabled
; configure the plugin to store passwords in the htdigest format:
password_store = LDAPStore

This global trac.ini then gets inherited by each trac projects' trac.ini:

# -*- coding: utf-8 -*-
file = /my/path/to/trac_projects/trac.ini


Start tracd like this:

tracd -p 80 -e /my/path/to/trac_projects

If you are using TracForge to get some multi-project support (single sign-on etc.) you might rather want to start like this, so only the master project shows up on the standard projects list page:

tracd -p 80 /my/path/to/trac_projects/my_master_project

A Better Ldap Solution

This plugin doesn't support user listing, changing password, registration or non-simple binding.

LDAPAuthStore offers a better solution linking LdapPlugin to AccountManager. Provide user listing, password changing, MD5/CRYPT/SASL binding/authentication.


  • LDAPAuthPlugin Code Author: Noah Kantrowitz <coderanger at yahoo com>
  • This Page Author: jholg
  • This Page Contributor: Yu Huang (crocea)