Now I am following up as promised with how to integrate this with Active Directory and AD’s LDAP. You need to know your LDAP Active Directory info. If you don’t, you need to get it. Or else maybe your domain is generic enough that looking at my examples will get you there.
Log in to dotProject.
Click on System Admin | Default User Preferences.
We will make changes to the following sections:
User Authentication Settings
LDAP Settings
These section are show in this screen shot. After this screen shot instructions on configuring these sections are provided.
Scroll to the section called User Authentication Settings.
Change the User Authentication Method setting to LDAP.
Configure the LDAP Settings section.
For LDAP Host, Enter the IP address of your Active Directory server.
Do not change the LDAP Port or LDAP Version settings.
On a default Active Directory installation, set the LDAP Base DN to the following:
CN=Users,DC=YourDomain,DC=tld
For example, the lab I am demoing this with is LD.Lab so it would be this:
CN=Users,DC=ld,DC=lab
For LDAP User Filter enter the following:
(sAMAccountName=%USERNAME%)
For the LDAP Search User, enter a domain user:
CN=John Doe,CN=Users,DC=ld,DC=lab
SUGGESTION: Create a service account on the domain with a really intense password and almost no rights, except of course the right to search LDAP so it can be an LDAP Search User.
Obviously for the LDAP Search User Password, enter the password for the LDAP Search User.
IMPORTANT! You must update this password here when the user’s changes in Active Directory (sorry for the “No duh” moment but it had to be said).
Scroll down and on the bottom right of the Default User Preferences page, click Save.
Go ahead and try to login as a Domain User.
Note On Changing Permissions
Domain Users may appear to get the Administrator role, but this is not really the case. They only get the Anonymous role when they first login. See my forum post here: How to make an LDAP user an administrator?
Also, it appears that if you want all users who login to get more permissions, then edit the Anonymous role or modify every user individually. (Yeah, so the project needs some features in this area…maybe you want to become a contributor and develop it yourself?)
Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.
I have previous documents about installing each of the steps above installing dotProject. Once you have gone though the above documents, you will be ready for this document. This document will only cover dotProject.
Installing dotProject 2.1.2 from Ports
Install dotProject from ports using one of the following commands (I use the first one when doing virtual hosts and the second one when just using sub directories of the web root).
#
#
cd /usr/ports/www/dotproject
make install
Note: If you Apache directory is /usr/local/www/apache22/data you may want to use this make command:
#
#
cd /usr/ports/www/dotproject
make DOTPROJECTDIR=/usr/local/www/apache22/data/dotproject install
Create a database in MySQL for dotProject. Name it whatever you want. For this example, I am going to name the database dotProjDB. If you have read the articles about MySQL that I referenced above, you should know how to log into to MySQL, but just in case you forgot, I will show you again.There are lots of ways to create a database in MySQL, and I am going to give you one example using the shell and the MySQL client.
#
mysql -u root -p
Enter your password and you should be taken to a mysql prompt.
mysql>
create database dotprojdb
Yes it is that simple. And at the same time no it is not that simple. There is a lot more to know such as where to put the database files and how fast of drives you need, whether you need faster read speed or faster write speed or both, but this will suffice for now.
Create a mysql user account for this database. We don’t want to user the root account.
See this page in the MySQL documentation for more information on this: Adding User Accounts
mysql>
CREATE USER ‘dpuser’@’localhost’ IDENTIFIED BY ‘P@sswd!’;
Query OK, 0 rows affected (0.01 sec)
mysql>
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON dotprojdb.* TO ‘dpuser’@’localhost’;
Query OK, 0 rows affected (0.01 sec)
Now open a web browser to your server’s site: http://yourserver/dotprojectYou will see the following page.
No need to do anything on this page because it should redirect you after 5 second to a dotProject configuration web page.
Now some of the items in red need to be taken care of. Not all of them, just some of them.
The first group of items are “Requirements” and anything not with a pretty green check mark under the “Requirements” section needs to be fixed.
However, under the “Database Connectors” section, there are lots of red Xs. We don’t need to fix these. We just need one database, so as long as the database you want to use (in this example it’s MySQL) has a pretty green check mark, you don’t need to do add more “Database Connectors”.
Fix the first error: Session Save Path writable? X Fatal: session.save_path is not setTo do this, follow these steps:
Change to the directory that contains the php.ini file. On FreeBSD that directory is here: /usr/local/etc
#
cd /usr/local/etc
Now by default the PHP5 port on FreeBSD doesn’t install a php.ini file, but instead provides two example php.ini files: php.ini-recommended and php.ini-dist. So copy one of them to php.ini.
#
cp php.ini-recommended php.ini
Edit the php.ini file and remove the comment from this line:
;session.save_path = “/tmp”
I use ee which is the command to open Easy Editor. But you can use vi or whatever.
Save the file and exit.
The other issue is this one: Session AutoStart = ON? X Failed Try setting to ON if you are experiencing a WhiteScreenOfDeathOk. So this issue is fixed is in that same php.ini file. So repeat the steps only this time we don’t remove a comment, we change a setting from 0 to 1. Find the following line and change it from 0 to 1, as shown.
session.auto_start = 1
Restart apache. This is required and must be done before these settings will take effect.
#
/usr/local/etc/rc.d/apache22 restart
Now you are ready to click the “Start Installation” button. So go ahead and click it. The following page should appear.
Enter the details as shown in the page. Hopefully you have your own database user and password to use.
Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.