Cool Solution - LDAP search user / simple authentication account

From Univention Wiki

Revision as of 12:59, 14 April 2016 by Rehberg (talk | contribs)
Jump to: navigation, search
Produktlogo UCS Version 4.1

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.
Note: This article is not yet reviewed.

For security reasons we recommend to create a simple authentication user, which can only read LDAP entries.

First things first you go to the UMC and open the Users module and add a new user. Klick on Advanced in the new Window.

This site shows you the advanced settings of a user creation

Fill out all neccessary text fields (lastname, username and a safety password) and go to the "Option" tab. Untag all checkboxes except "simple authentication".

Untag all checkboxes except simple authentication

With the help of the command line you can check, if the created user is qualified to read the LDAP entries. Execute the following command:

univention-ldapsearch -LLL -D uid=<LDAP user>,cn=users,dc=example,dc=com -W

Enter the password of the LDAP user. After that, the LDAP entries should be read by the LDAP user.

Personal tools