Owncloud Authentication against FreeIPA
HOWTO: Owncloud Authentication against FreeIPA
This document describes how to set up ownCloud (7.0.4) to authenticate against the FreeIPA (4.1.2) demo1 server.
This howto was tested by deploying ownCloud to openshift.com as a capsule, using the demo1 IPA server.
For the purpose of this document, the following information is given:
- Server: ipa.demo1.freeipa.org
- Base DN: dc=demo1,dc=freeipa,dc=org
Prerequisite:
We will need to create a bind account for ownCloud to authenticate to IPA as a service account. For this purpose I use the admin account. ownCloud needs to be able to connect to the IPA server on port 389 (LDAP) or 636 (LDAPS) for LDAP sync to work.
Owncloud Authentication
- Log in to ownCloud
- Go to Apps (left corner)
- Enable LDAP user and group backend
- Go to Admin page (right corner)
- Server
  - Server: ldap://ipa.demo1.freeipa.org
  - Port: 389
  - User DN: uid=admin,cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org
  - Password: Secret123
  - Base DN: dc=demo1,dc=freeipa,dc=org
- User Filter
  - Edit raw filter instead: (objectclass=*)
- Login Filter
  - LDAP Username: checked
  - Edit raw filter instead: (&(objectclass=*)(uid=%uid))
- Group Filter (this depends on which user group you want to allow to access ownCloud)
  - Edit raw filter instead: (|(cn=ipausers))
- Advanced
  - Connection Settings
    - Configuration Active: checked
  - Directory Settings
    - User Display Name Field: displayname
    - Base User Tree: cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org
    - Group Display Name Field: cn
    - Base Group Tree: cn=groups,cn=accounts,dc=demo1,dc=freeipa,dc=org
    - Group-Member association: uniqueMember
    - Paging chunksize: 500
  - Special Attributes
    - Email Field: mail
    - User Home Folder Naming Rule: cn
- Expert
nothing
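
To see which entries the filters and base trees above select, and how `%uid` in the Login Filter expands, the following added example (not ownCloud or FreeIPA code) evaluates the page's filters offline with a small matcher for a subset of LDAP filter syntax. The sample entries, the matcher and all function names are assumptions made for illustration; the filters and base DNs are the ones from this page.

```python
# Added example: evaluate this page's LDAP filters against constructed entries.
import re

USER_FILTER = "(objectclass=*)"                  # User Filter from the page
LOGIN_FILTER = "(&(objectclass=*)(uid=%uid))"    # Login Filter from the page
GROUP_FILTER = "(|(cn=ipausers))"                # Group Filter from the page
USER_BASE = "cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org"
GROUP_BASE = "cn=groups,cn=accounts,dc=demo1,dc=freeipa,dc=org"

# Constructed sample entries (lower-case attribute names); not real directory data.
ENTRIES = [
    {"dn": "uid=admin," + USER_BASE, "objectclass": ["person", "posixaccount"], "uid": ["admin"]},
    {"dn": "uid=employee," + USER_BASE, "objectclass": ["person", "posixaccount"], "uid": ["employee"]},
    {"dn": "cn=ipausers," + GROUP_BASE, "objectclass": ["groupofnames"], "cn": ["ipausers"]},
    {"dn": "cn=admins," + GROUP_BASE, "objectclass": ["groupofnames"], "cn": ["admins"]},
]

def escape_value(value):
    """Escape RFC 4515 special characters so a login name stays a literal value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def parse(f, i=0):
    """Parse a filter subset (&, |, equality/presence/substring); return (node, next index)."""
    if f[i + 1] in "&|":
        op, kids, i = f[i + 1], [], i + 2
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        return (op, kids), i + 1          # skip the closing ')'
    end = f.index(")", i)
    attr, _, value = f[i + 1:end].partition("=")
    return ("=", attr.lower(), value), end + 1

def matches(node, entry):
    """Unescaped '*' is a wildcard; \\XX escapes decode to literal characters."""
    if node[0] in "&|":
        combine = all if node[0] == "&" else any
        return combine(matches(k, entry) for k in node[1])
    _, attr, pattern = node
    parts = [re.escape(re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), p))
             for p in pattern.split("*")]
    rx = re.compile(".*".join(parts) + r"\Z", re.I | re.S)
    return any(rx.match(v) for v in entry.get(attr, []))

def search(base, flt, login=None):
    """Return DNs below `base` matching `flt`; %uid is replaced by the escaped login."""
    flt = flt.replace("%uid", escape_value(login or ""))
    tree, _ = parse(flt)
    return [e["dn"] for e in ENTRIES if e["dn"].lower().endswith("," + base.lower()) and matches(tree, e)]
```

Run against the whole Base DN, `(objectclass=*)` matches every constructed entry, groups included; it is the Base User Tree that narrows the result to user entries.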