-
Notifications
You must be signed in to change notification settings - Fork 5
LDAP Authentication BookStack
elurex edited this page Mar 25, 2019
·
1 revision
ssh into bookstack instance and edit /var/www/BookStack/.env , add following config
AUTH_METHOD=ldap
LDAP_SERVER=ldap://<your ldap ip>:389
LDAP_BASE_DN=dc=example,dc=com
LDAP_DN=cn=admin,dc=example,dc=com
LDAP_PASS=<ldap password>
LDAP_USER_FILTER=(&(objectClass=inetOrgPerson)(cn=${user}))
LDAP_VERSION=3
LDAP_EMAIL_ATTRIBUTE=mail
LDAP_DISPLAY_NAME_ATTRIBUTE=gecos
LDAP_USER_TO_GROUPS=true
LDAP_GROUP_ATTRIBUTE="memberOf"
LDAP_REMOVE_FROM_GROUPS=false
APP_DEBUG=false
Login to Bookstack site and go to Settings -> Roles -> Create New Role
Role Name: <best to match ldap group name>
Short Description of Role: Administrator from LDAP
External Authenication IDs: <ldap group name> Not Full DN, just "administrators" or "bookstackadmin"
System Permissions: All Checked
Asset Permissions: All CheckedThis will create a super admin role.