[ome-devel] LDAP question

Yanling Liu vrnova at gmail.com
Wed Sep 10 17:31:07 BST 2014


Hello Blazej,

Thanks for your message and I need more help here.

Suppose we have a freshly installed clean OME system running, plus we have
a known list of users accessing OME, what would be the correct procedure to
configure OME so these known users can log in using LDAP credentials?

We don't want to have new accounts automatically created in OME as we have
a controlled user base. We want to prepare OME so users can log in to see
their existing images rather than letting them log in in order to create
their accounts. Could we first create user accounts in OME using "bin/omero
user add" and then configure OME to use LDAP? How do we turn off automatic
account creation once we enable LDAP?

If LDAP is enabled, would it be possible to log in using the local root user?
Would it be possible to create more local users such as a dedicated local
"importer" account, while other users still use LDAP passwords to log in?

I have read the documentation on converting non-LDAP users to LDAP users (
http://www.openmicroscopy.org/site/support/faq/omero/how-do-you-convert-a-non-ldap-user-to-using-ldap).
How does this apply to our scenario?

Many thanks,
Yanling

On Fri, Sep 5, 2014 at 11:28 AM, Blazej Pindelski <b.pindelski at dundee.ac.uk>
wrote:

> On 5 Sep 2014, at 15:56, Yanling Liu <vrnova at gmail.com> wrote:
> > Hello,
>
> Hi Yanling
>
> > Could I have some help in configuring OME to use LDAP?
> >
> > Right now I have the following information available:
> >
> > domain name
> > domain controller
> > site/urls
> > base
> > bind password
> >
> > but how do I put this information into OME? I have checked the OME LDAP
> > documentation page but it didn't mention domain name, domain controller,
> > and bind password, when do I need to use them?
> >
> > Any help?
>
> The best starting place would be
> http://www.openmicroscopy.org/site/support/omero5/sysadmins/server-ldap.html#minimum-configuration
> .
> The settings have to be understood as follows:
> - omero.ldap.config=true - switches on the LDAP subsystem in OMERO,
> - omero.ldap.urls=ldap://localhost:389 - that is the URL of the LDAP/AD
> server (site/urls in your case?),
> - omero.ldap.username and omero.ldap.password - those are the credentials
> (I'd imagine "bind password", in your case) used for connecting to the
> LDAP/AD server,
> - omero.ldap.base=ou=example,o=com - this is the base from which OMERO
> will start to look for users ("base" in your case).
>
> I hope that helps. If the documentation can be improved, please let us
> know.
>
> Regards,
> Blazej
>
> > Thanks,
> > Yanling