mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-20 19:40:39 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
f6ead08dbd5d45e4d050e73cd39bea528f5cab3f
opencloud/docs/extensions/idm/setup.md
Ralf Haferkamp bca502d2bd Fix idm setup docs
2022-04-13 15:09:16 +02:00

2.0 KiB
Raw Blame History

title, date, weight, geekdocRepo, geekdocEditPath, geekdocFilePath, geekdocCollapseSection
title date weight geekdocRepo geekdocEditPath geekdocFilePath geekdocCollapseSection
Service Setup 2022-03-22T00:00:00+00:00 20 https://github.com/owncloud/ocis edit/master/docs/extensions/idm setup.md true

{{< toc >}}

Using ocis with libregraph/idm

Currently, oCIS still runs the accounts and glauth services to manage users. Until the default is switched to libregraph/idm, oCIS has to be started with a custom configuration in order to use libregraph/idm as the users and groups backend (this setup also disables the glauth and accounts service):

export GRAPH_IDENTITY_BACKEND=ldap
export LDAP_URI=ldaps://localhost:9235
export LDAP_INSECURE="true"
export LDAP_USER_BASE_DN="ou=users,o=libregraph-idm"
export LDAP_USER_SCHEMA_ID="ownclouduuid"
export LDAP_USER_SCHEMA_MAIL="mail"
export LDAP_USER_SCHEMA_USERNAME="uid"
export LDAP_USER_OBJECTCLASS="inetOrgPerson"
export LDAP_GROUP_BASE_DN="ou=groups,o=libregraph-idm"
export LDAP_GROUP_SCHEMA_ID="ownclouduuid"
export LDAP_GROUP_SCHEMA_MAIL="mail"
export LDAP_GROUP_SCHEMA_GROUPNAME="cn"
export LDAP_GROUP_SCHEMA_MEMBER="member"
export LDAP_GROUP_OBJECTCLASS="groupOfNames"
export GRAPH_LDAP_BIND_DN="uid=libregraph,ou=sysusers,o=libregraph-idm"
export GRAPH_LDAP_BIND_PASSWORD=idm
export GRAPH_LDAP_SERVER_WRITE_ENABLED="true"
export IDP_INSECURE="true"
export IDP_LDAP_BIND_DN="uid=idp,ou=sysusers,o=libregraph-idm"
export IDP_LDAP_BIND_PASSWORD="idp"
export IDP_LDAP_LOGIN_ATTRIBUTE=uid
export PROXY_ACCOUNT_BACKEND_TYPE=cs3
export OCS_ACCOUNT_BACKEND_TYPE=cs3
export STORAGE_LDAP_BIND_DN="uid=reva,ou=sysusers,o=libregraph-idm"
export STORAGE_LDAP_BIND_PASSWORD=reva
export OCIS_RUN_EXTENSIONS=settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,idp,nats,idm,ocdav
export OCIS_INSECURE=true
bin/ocis server
Reference in New Issue View Git Blame Copy Permalink