Using OpenLDAP with ZendTo
Learn how to integrate OpenLDAP with ZendTo to enhance authentication and access control in your file transfer system.
This configuration assumes your OpenLDAP directory uses the memberof overlay for automatic group management. As of OpenLDAP 2.5.18 and 2.6.8, an additional overlay, autogroup, should also be added to your OpenLDAP configuration (this can be done dynamically on a server running those release levels or higher). If you are running OpenLDAP 2.4, or an older release of 2.5 or 2.6, we strongly recommend upgrading to pick up all the other fixes and improvements along with this important new function.
If you are “manually” managing group membership then you would use a different authLDAPUsernameAttr value.
You set up ZendTo (https://zend.to/) to use LDAP by editing /opt/zendto/config/preferences.php. The relevant part for the LDAP settings is:
'authenticator' => 'LDAP',
'authLDAPBaseDN' => 'DC=example,DC=com',
'authLDAPServers' => array('ldap://ldap_server_ip:389'),
'authLDAPAccountSuffix' => '@example.com',
'authLDAPUseSSL' => false,
'authLDAPStartTLS' => false,
'authLDAPBindDn' => 'uid=admin,ou=people,dc=example,dc=com',
'authLDAPBindPass' => 'your_password',
'authLDAPUsernameAttr' => 'uid',
'authLDAPEmailAttr' => 'mail',
'authLDAPMemberKey' => 'memberOf',
'authLDAPMemberRole' => 'cn=zendto,ou=groups,dc=example,dc=com',
Every member of the group zendto is allowed to log in.
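A way to check these values from the command line before relying on them, as an added example that is not part of ZendTo or of the original page: it runs the lookup the settings imply with the OpenLDAP ldapsearch client. The filter shape (uid match AND memberOf match) and the function names are assumptions. With authLDAPUseSSL and authLDAPStartTLS both false as above, the bind password and user passwords cross port 389 unencrypted, so the check uses -ZZ to confirm the server accepts StartTLS before you set 'authLDAPStartTLS' => true.

```sh
#!/bin/sh
# Added example: preflight check for the LDAP values in the preferences.php excerpt.
# Not ZendTo code; the filter shape and function names are assumptions.
set -u

# Values copied from the excerpt on this page.
LDAP_URI='ldap://ldap_server_ip:389'
BASE_DN='DC=example,DC=com'
BIND_DN='uid=admin,ou=people,dc=example,dc=com'
USER_ATTR='uid'
EMAIL_ATTR='mail'
MEMBER_KEY='memberOf'
MEMBER_ROLE='cn=zendto,ou=groups,dc=example,dc=com'

# Escape RFC 4515 filter metacharacters so a username cannot change the filter.
# Backslash must be handled first, or the escapes added later would be re-escaped.
ldap_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                         -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Build the filter the settings imply: match the user by uid AND require
# membership of the zendto group through the memberOf attribute.
build_filter() {
  printf '(&(%s=%s)(%s=%s))' \
    "$USER_ATTR" "$(ldap_escape "$1")" "$MEMBER_KEY" "$MEMBER_ROLE"
}

# Run the search with a simple bind (-x) over StartTLS. -ZZ makes ldapsearch
# fail instead of silently continuing in cleartext; -W prompts for the bind
# password so it never appears in the process list or shell history.
# memberOf is an operational attribute, so it is requested by name.
check_user() {
  ldapsearch -LLL -x -ZZ -H "$LDAP_URI" -D "$BIND_DN" -W -b "$BASE_DN" \
    "$(build_filter "$1")" "$USER_ATTR" "$EMAIL_ATTR" "$MEMBER_KEY"
}

# Only query the server when a username is given on the command line.
if [ "$#" -gt 0 ]; then
  check_user "$1"
fi
```

Run it as `sh check.sh jdoe` (the script name and `jdoe` are placeholders); an empty result means the user was not found or is not a member of the zendto group.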