Changes between Version 32 and Version 33 of idpiam2018
- Timestamp:
- Sep 13, 2018, 9:32:51 AM (6 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
idpiam2018
v32 v33 13 13 14 14 15 2. Add to orModify `/etc/hosts`:15 2. Modify `/etc/hosts`: 16 16 {{{ 17 17 vim /etc/hosts … … 584 584 }}} 585 585 * log in to your MySQL Server with `mysql -u root -p` and continue. Make sure to replace `##ROOT-DB-PASSWORD##`, `##USERNAME##`, `##PASSWORD##` with your own 586 {{{#! sql586 {{{#!mysql 587 587 SET NAMES 'utf8'; 588 588 … … 718 718 idp.session.secondaryServiceIndex = true 719 719 }}} 720 (This will indicate to IdP to store the data collected by User Consent into the "''' StorageRecords'''" table)720 (This will indicate to IdP to store the data collected by User Consent into the "'''!StorageRecords'''" table) 721 721 722 722 … … 726 726 If you host ldap in a seperate machine, copy the ldap_server.crt to `/opt/shibboleth-idp/credentials` 727 727 * 728 {{{ 728 {{{#!sh 729 729 vim /opt/shibboleth-idp/conf/ldap.properties 730 730 }}} 731 731 * Solution 1: LDAP + STARTTLS: 732 732 733 {{{ 733 {{{#!cfg 734 734 idp.authn.LDAP.authenticator = bindSearchAuthenticator 735 735 idp.authn.LDAP.ldapURL = ldap://idp.instXY.ac.lk:389 … … 738 738 idp.authn.LDAP.sslConfig = certificateTrust 739 739 idp.authn.LDAP.trustCertificates = %{idp.home}/credentials/ldap-server.crt 740 idp.authn.LDAP.baseDN = ou=people,dc= example,dc=org740 idp.authn.LDAP.baseDN = ou=people,dc=instXY,dc=ac,dc=lk 741 741 idp.authn.LDAP.userFilter = (uid={user}) 742 idp.authn.LDAP.bindDN = cn=admin,dc= example,dc=org742 idp.authn.LDAP.bindDN = cn=admin,dc=instXY,dc=ac,dc=lk 743 743 idp.authn.LDAP.bindDNCredential = ###LDAP_ADMIN_PASSWORD### 744 idp.authn.LDAP.dnFormat = uid=%s,ou=people,dc=instXY,dc=ac,dc=lk 744 745 idp.attribute.resolver.LDAP.trustCertificates = %{idp.authn.LDAP.trustCertificates:undefined} 745 746 }}} … … 753 754 idp.authn.LDAP.useStartTLS = false 754 755 idp.authn.LDAP.useSSL = false 755 idp.authn.LDAP.baseDN = ou=people,dc= example,dc=org756 idp.authn.LDAP.baseDN = ou=people,dc=instXY,dc=ac,dc=lk 756 757 idp.authn.LDAP.userFilter = (uid={user}) 757 idp.authn.LDAP.bindDN = cn=admin,dc= example,dc=org758 idp.authn.LDAP.bindDN = cn=admin,dc=instXY,dc=ac,dc=lk 758 759 idp.authn.LDAP.bindDNCredential = ###LDAP_ADMIN_PASSWORD### 760 idp.authn.LDAP.dnFormat = uid=%s,ou=people,dc=instXY,dc=ac,dc=lk 759 761 }}} 760 762 (If you decide to use the Solution 2, you have to remove (or comment out) the following code from your Attribute Resolver file:
