mirror of
https://github.com/BookStackApp/BookStack.git
synced 2026-02-05 00:29:48 +03:00
Setup mail and ldap #1121
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @TheDealman on GitHub (Apr 3, 2019).
Hello
I just installed bookstack on ubuntu 16.04 and I used the installation script to do the install for me. I would like to setup the email and LDAP auth but all the documentation references some .env file that needs to be edited. Where is this .env file that I need to edit?
@cnfw commented on GitHub (Apr 3, 2019):
Hi, there is an example .env file called
.env.examplein the root directory of the project. You can copy this to a file called.envand update the values as you need. Sometimes it may be hidden,ls -lawill show hidden files :)There's also a file called
.env.example.completewith a full list of configurable options, including LDAP options. Head the caution at the top of this file, only use the pieces of configuration you need from it.@ssddanbrown commented on GitHub (Apr 4, 2019):
Thanks @cw1998 for providing some helpful info.
@TheDealman If you're having trouble finding your BookStack install, You'll probably find it at
/var/www/bookstacksince you installed using the script.@TheDealman commented on GitHub (Apr 4, 2019):
Thanks I found it
@TheDealman commented on GitHub (Apr 4, 2019):
I will try to get this all working today
@TheDealman commented on GitHub (Apr 4, 2019):
Okay i was able to get this working in the .env file that's located /var/www/bookstack
#General auth
AUTH_METHOD=ldap
LDAP authentication configuration
LDAP_SERVER=ip of the AD server:389
LDAP_BASE_DN=OU=name,DC=ADNETBIOS,DC=SUFFIX
LDAP_DN=CN=ACCOUNT,OU=NAME OF OU,ADNETBIOS,DC=SUFFIX
LDAP_PASS=PASSWORD ACCOUNT LISTED ABOVE
LDAP_USER_FILTER=(|(mail=${user})(sAMAccountName=${user}))
LDAP_VERSION=3
LDAP_TLS_INSECURE=false
LDAP_EMAIL_ATTRIBUTE=mail
LDAP_DISPLAY_NAME_ATTRIBUTE=cn
LDAP_FOLLOW_REFERRALS=true
I was able to login using LDAP credentials but i didn't have any user roles so I changed the AUTH_METHOD to standard instead of ldap so i could login with the local admin account. I am able to see the accounts that have logged in via the ldap auth and assign roles but my question is when the ldap auth method is set how do you assign roles?
@TheDealman commented on GitHub (Apr 8, 2019):
Anyone know the answer to the above question?
@ssddanbrown commented on GitHub (Apr 8, 2019):
@TheDealman You can either set LDAP groups manually in the system and/or enable LDAP group syncing which will run when an LDAP user logs-in.
@TheDealman commented on GitHub (Apr 9, 2019):
Yes I setup a LDAP group but my question is I am able to see the accounts that have logged in via the ldap auth but how do you assign roles?
@ssddanbrown commented on GitHub (Apr 9, 2019):
@TheDealman You'd need to assign BookStack roles manually by viewing each user and selecting the roles to assign them. Otherwise you can align the names with LDAP groups to auto-set BookStack roles on login.
@TheDealman commented on GitHub (Apr 9, 2019):
How do I align the names with LDAP groups to auto-set BookStack roles on login?
@ssddanbrown commented on GitHub (May 18, 2019):
Sorry for my late response @TheDealman.
The process/logic is described in the LDAP group syncing documentation page. Ultimately, you can either configure BookStack role names to align with LDAP group names otherwise use the
External Authentication IDsBookStack role option to perform this matching.@ssddanbrown commented on GitHub (Aug 27, 2019):
Since the last comment on this issue is relatively old I'm going to close this. If the issue remains and is something you still require to be fixed please open a new issue, referencing this one.