mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2025-12-31 01:10:20 -06:00
Code Issues Packages Projects Releases Wiki Activity

[docs-only] Adding a Identity Provider section in owncloud.dev

Browse Source
This commit is contained in:
mmattel
2023-05-03 12:07:20 +02:00
parent 2fa78bff4b
commit 8a9f025313
2 changed files with 55 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/ocis/identity-provider/_index.md Normal file
View File

@@ -0,0 +1,13 @@
---
title: "Identity Provider"
date: 2023-05-03T00:00:00+00:00
weight: 20
geekdocRepo: https://github.com/owncloud/ocis
geekdocEditPath: edit/master/docs/ocis/identity-provider
geekdocFilePath: _index.md
geekdocCollapseSection: true
---
## Overview
oCIS provides an internal identity provider which can be configured via the [IDP service](../../services/idp/), or connect to an external identity provider like Keycloak or Microsoft Active Directory.

42
docs/ocis/identity-provider/ldap-active-directory.md Normal file
View File

@@ -0,0 +1,42 @@
---
title: "LDAP - Active Directory"
date: 2023-05-03T00:00:00+00:00
weight: 20
geekdocRepo: https://github.com/owncloud/ocis
geekdocEditPath: edit/master/docs/ocis/identity-provider
geekdocFilePath: ldap-active-directory.md
geekdocCollapseSection: true
---
## Overview
oCIS can be configured using Active Directory as identity provider.
## Configuration Example
This configuration is an _example_ for using Samba4 AD as well as a Windows Server 2022 as the LDAP backend for oCIS. It is intended as guideline and first starting point.
```text
OCIS_LDAP_URI=ldaps://xxxxxxxxx
OCIS_LDAP_INSECURE="true"
OCIS_LDAP_BIND_DN="cn=administrator,cn=users,xxxxxxxxxx"
OCIS_LDAP_BIND_PASSWORD=xxxxxxx
OCIS_LDAP_GROUP_BASE_DN="dc=owncloud,dc=test"
OCIS_LDAP_GROUP_OBJECTCLASS="group"
OCIS_LDAP_GROUP_SCHEMA_ID="objectGUID"
OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING="true"
OCIS_LDAP_GROUP_SCHEMA_GROUPNAME="cn"
OCIS_LDAP_USER_BASE_DN="dc=owncloud,dc=test"
OCIS_LDAP_USER_OBJECTCLASS="user"
OCIS_LDAP_USER_SCHEMA_ID="objectGUID"
OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING="true"
OCIS_LDAP_USER_SCHEMA_USERNAME="sAMAccountName"
OCIS_LDAP_USER_ENABLED_ATTRIBUTE=""
OCIS_LDAP_LOGIN_ATTRIBUTES="sAMAccountName"
IDP_LDAP_LOGIN_ATTRIBUTE="sAMAccountName"
IDP_LDAP_UUID_ATTRIBUTE="objectGUID"
IDP_LDAP_UUID_ATTRIBUTE_TYPE=binary
GRAPH_LDAP_SERVER_WRITE_ENABLED="false"
OCIS_EXCLUDE_RUN_SERVICES=idm
OCIS_ADMIN_USER_ID="<objectGUID-value-of-the-default-admin-user>"
```