Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

ldap docs: LDAP backend now works for initial realm creation. 

Fixes #9576.

Initial realm creation now works fine with the LDAP backend, so the
part of the docs about needing to create the first realm with the
email backend is unnecessary and just complicates the setup process,
so it seems best to just remove it.
This commit is contained in:
Mateusz Mandera 2019-10-29 01:55:37 +01:00 committed by Tim Abbott
parent 18b4a58bc2
commit 4561652513
1 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/production/authentication-methods.md
View File

@ -137,13 +137,12 @@ optionally using LDAP as an authentication mechanism.
In either configuration, you will need to do the following:
1. Create your organization and first administrator account using
another authentication backend (usually `EmailAuthBackend`). LDAP
authentication does not support organization creation at this time;
but you can disable `EmailAuthBackend` once you have created the
organization.
1. These instructions assume you have an installed Zulip server and
are logged into a shell there. You can have created an
organization already using EmailAuthBackend, or plan to create the
organization using LDAP authentication.
2. Tell Zulip how to connect to your LDAP server:
1. Tell Zulip how to connect to your LDAP server:
* Fill out the section of your `/etc/zulip/settings.py` headed "LDAP
integration, part 1: Connecting to the LDAP server".
* If a password is required, put it in
@ -151,7 +150,7 @@ In either configuration, you will need to do the following:
`auth_ldap_bind_password`. For example: `auth_ldap_bind_password
= abcd1234`.
3. Decide how you want to map the information in your LDAP database to
1. Decide how you want to map the information in your LDAP database to
users' account data in Zulip. For each Zulip user, two closely
related concepts are:
* their **email address**. Zulip needs this in order to send, for
@ -166,7 +165,7 @@ In either configuration, you will need to do the following:
Either or both of these might be an attribute of the user records
in your LDAP database.
4. Tell Zulip how to map the user information in your LDAP database to
1. Tell Zulip how to map the user information in your LDAP database to
the form it needs for authentication. There are three supported
ways to set up the username and/or email mapping:
@ -184,7 +183,7 @@ In either configuration, you will need to do the following:
To do this, set `AUTH_LDAP_USER_SEARCH` to query by LDAP
username, and `LDAP_EMAIL_ATTR = "email"`.
5. In configurations (A) and (C), you need to tell Zulip how to look
1. In configurations (A) and (C), you need to tell Zulip how to look
up a user's LDAP data given their user's email address:
* Set `AUTH_LDAP_REVERSE_EMAIL_SEARCH` to a query that will find an