Skip to content

Commit e9c2290

Browse files
vehi-invituauva-odoo
vehi-invitu
authored and
auva-odoo
committed
[IMP] ldap: disable referral chasing for Microsoft AD
based on #11462 reformat to comply with doc guidelines closes #11560 X-original-commit: 6e9de16 Signed-off-by: Audrey Vandromme (auva) <[email protected]>
1 parent 617a1d0 commit e9c2290

File tree

8 files changed

+44
-55
lines changed

8 files changed

+44
-55
lines changed

content/applications/general/users/ldap.rst

+44-55
Original file line numberDiff line numberDiff line change
@@ -1,55 +1,44 @@
1-
=================
2-
Sign in with LDAP
3-
=================
4-
5-
- Install the Lightweight Directory Access Protocol (LDAP) module in General Settings.
6-
7-
- Click on **Create** in Setup the :abbr:`LDAP (Lightweight Directory Access Protocol)` Server.
8-
9-
.. image:: ldap/ldap01.png
10-
:align: center
11-
:alt: LDAP Authentication checkbox highlighted in the integrations settings on Odoo.
12-
13-
.. image:: ldap/ldap02.png
14-
:align: center
15-
:alt: Create highlighted in the LDAP server settings.
16-
17-
- Choose the company using the LDAP.
18-
19-
.. image:: ldap/ldap03.png
20-
:align: center
21-
:alt: Select the company drop-down menu highlighted in LDAP setup.
22-
23-
- In **Server Information**, enter the IP address of the server and the port it listens to.
24-
25-
- Tick **Use TLS** if the server is compatible.
26-
27-
.. image:: ldap/ldap04.png
28-
:align: center
29-
:alt: LDAP server settings highlighted in LDAP server setup on Odoo.
30-
31-
- In **Login Information**, enter ID and password of the account used to query the server. If left
32-
empty, the server queries anonymously.
33-
34-
.. image:: ldap/ldap05.png
35-
:align: center
36-
:alt: Login information highlighted in LDAP server setup on Odoo.
37-
38-
- In **Process Parameter**, enter the domain name of the LDAP server in :abbr:`LDAP (Lightweight
39-
Directory Access Protocol)` nomenclature (e.g. ``dc=example,dc=com``).
40-
41-
- In **LDAP filter**, enter ``uid=%s``
42-
43-
.. image:: ldap/ldap06.png
44-
:align: center
45-
:alt: Process parameter highlighted in LDAP server setup on Odoo.
46-
47-
- In **User Information**, tick *Create User* if Odoo should create a User profile the first time
48-
someone logs in with :abbr:`LDAP (Lightweight Directory Access Protocol)`.
49-
50-
- In **Template User**, indicate a template for the new profiles created. If left blanked, the admin
51-
profile will be used as template.
52-
53-
.. image:: ldap/ldap07.png
54-
:align: center
55-
:alt: User information highlighted on LDAP server setup on Odoo.
1+
===================
2+
LDAP authentication
3+
===================
4+
5+
To configure :abbr:`LDAP (Lightweight Directory Access Protocol)` authentication in Odoo:
6+
7+
#. Open the Settings app, scroll down to the :guilabel:`Integrations` section, and enable
8+
:guilabel:`LDAP Authentication`.
9+
#. Click :guilabel:`Save`, then go back to the :guilabel:`Integrations` section and click
10+
:guilabel:`LDAP Server`.
11+
#. In the :guilabel:`Set up your LDAP Server` list, click :guilabel:`New`, then select the required
12+
company in the dropdown list.
13+
#. In the :guilabel:`Server information` section, enter the server's IP address and port in the
14+
:guilabel:`LDAP server address` and :guilabel:`LDAP Server port` fields, respectively.
15+
#. Enable :guilabel:`Use TLS` to request secure TLS/SSL encryption when connecting to the LDAP
16+
server, providing the server has StartTLS enabled.
17+
#. In the :guilabel:`Login information` section, enter the ID and password of the account used to
18+
query the server in the :guilabel:`LDAP binddn` and :guilabel:`LDAP password` fields,
19+
respectively. If the fields are left empty, the server will perform the query anonymously.
20+
#. In the :guilabel:`Process parameter` section, enter:
21+
22+
- the LDAP server's name in the :guilabel:`LDAP base` field using LDAP format
23+
(e.g., ``dc=example,dc=com``);
24+
- ``uid=%s`` in the :guilabel:`LDAP filter` field.
25+
26+
#. In the :guilabel:`User information` section:
27+
28+
- Enable :guilabel:`Create user` to create a user profile in Odoo the first time someone logs in
29+
using LDAP;
30+
- Select the :guilabel:`User template` to be used to create the new user profiles. If no template
31+
is selected, the administrator's profile is used.
32+
33+
.. note::
34+
When using Microsoft Active Directory (AD) for LDAP authentication, if users experience login
35+
issues despite using valid credentials, create a new system parameter to disable referral chasing
36+
in the LDAP client:
37+
38+
#. :ref:`Activate the developer mode. <developer-mode>`
39+
#. Go to :menuselection:`Settings --> Technical --> System Parameters` and click
40+
:guilabel:`New`.
41+
#. Fill in the fields:
42+
43+
- :guilabel:`Key`: ``auth_ldap.disable_chase_ref``
44+
- :guilabel:`Value`: ``True``

content/applications/general/users/ldap/ldap01.png

-167 KB
Binary file not shown.

content/applications/general/users/ldap/ldap02.png

-38.2 KB
Binary file not shown.

content/applications/general/users/ldap/ldap03.png

-60.8 KB
Binary file not shown.

content/applications/general/users/ldap/ldap04.png

-60.8 KB
Binary file not shown.

content/applications/general/users/ldap/ldap05.png

-60.9 KB
Binary file not shown.

content/applications/general/users/ldap/ldap06.png

-60.6 KB
Binary file not shown.

content/applications/general/users/ldap/ldap07.png

-60.6 KB
Binary file not shown.

0 commit comments

Comments
 (0)