Cool Solution - Setting up Bugzilla with LDAP authentication

From Univention Wiki

Jump to: navigation, search
Produktlogo UCS Version 4.1

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.

The current version of Bugzilla can currently not be installed on an UCS system, because it requires a newer version of CGI.pm than the one available in UCS 4.1. Thus, we will only explain setting up LDAP authentication from an Ubuntu server running Bugzilla against UCS LDAP.

Note: UCS operates only as LDAP server. Make sure you install Bugzilla on an up-to-date Debian Server.

You can obtain information on how to install Bugzilla from the official documentation.

Configuration to use an external LDAP service

For this setup, you will need a user in your UCS system, with which Bugzilla can authorize itself and search the database.
We recommend creating a distinct user just for Bugzilla. You can visit the LDAP search user article, if you need help doing so.

To successfully connect your Bugzilla system with the UCS LDAP, login into Bugzilla with your administration account
and visit the User Authentication tab in the core parameter settings. (example.com/bugzilla/editparams.cgi?section=auth)


Now scroll down, until you reach the user_verify_class area. Here you will find a list with multiple verification options.
If LDAP is disabled (below the grey bar), select it and push the up-arrow until it is above the grey bar but still below the default option (DB). Click the save button.

Next, select the LDAP tab on the left hand side, enter the following settings and save:

attribute values
LDAPServer ldaps://<FQDN of your UCS server>:7636
LDAPstarttls off
LDAPbinddn <Full DN of your authentication account>:<password of the authentication account>
LDAPuidattribute uid
LDAPmailattribute mailPrimaryAddress
LDAPfilter (empty)

You can now log out and test the connection with a user from your UCS system.

Further links

Personal tools