LDAP plugin

Warning

This plugin is not compatible with the other authentication plugins.

This plugin allow your GNU MediaGoblin instance to authenticate against an LDAP server.

Set up the LDAP plugin

  1. Install the python3-ldap package.

  2. Add the following to your MediaGoblin .ini file in the [plugins] section:

    [[mediagoblin.plugins.ldap]]
    

Configuring the LDAP plugin

This plugin allows you to use multiple LDAP servers for authentication.

In order to configure a server, add the following to you MediaGoblin .ini file under the LDAP plugin:

[[mediagoblin.plugins.ldap]]
[[[server1]]]
LDAP_SERVER_URI = 'ldap://ldap.testathon.net:389'
LDAP_USER_DN_TEMPLATE = 'cn={username},ou=users,dc=testathon,dc=net'
[[[server2]]]
...

Make any necessary changes to the above to work with your sever. Make sure {username} is where the username should be in LDAP_USER_DN_TEMPLATE.

If you would like to fetch the users email from the LDAP server upon account registration, add LDAP_SEARCH_BASE = 'ou=users,dc=testathon,dc=net' and EMAIL_SEARCH_FIELD = 'mail' under you server configuration in your MediaGoblin .ini file.

Warning

By default, this plugin provides no encryption when communicating with the LDAP servers. If you would like to use an SSL connection, change LDAP_SERVER_URI to use ldaps:// and whichever port you use. Default LDAP port for SSL connections is 636. If you would like to use a TLS connection, add LDAP_START_TLS = 'true' under your server configuration in your MediaGoblin .ini file.