wiki:LdapSupport

Version 9 (modified by davea, 9 years ago) (diff)

--

LDAP support

A BOINC project can let users authenticate (in both Web and Manager) using LDAP. Specifically:

  • The web login form lets users enter an LDAP ID instead of an email address.
  • Similarly in the Manager Attach Project wizard (works only with 7.5+ clients).

From the user's point of view, their BOINC accounts already exist; they use "Login" rather than "Create new account".

To enable this, add the following to your html/project/project.inc:

define("LDAP_HOST", "ldap://ldap1.ssl.berkeley.edu");
define("LDAP_BASE_DN", "ou=people,dc=ssl,dc=berkeley,dc=edu");

Change the values to reflect your LDAP server. You may not need "ou=people,".

Implementation

For accounts authenticated with LDAP, the user.email_addr database field has a string of the form LDAP:uid where uid is the LDAP user ID.