Instructions for Integrating CAS with LDAP and user Profiles

You are viewing a wiki page. You are welcome to join the group and then edit it. Be bold!

Objective:
Provide CAS single sign on capability and to auto-populate user profile fields from Calnet LDAP. D6x.

Procedure:
Download and enable the following modules:
* cas
* profile
* ldap integration (enable AUTHENTICATION, DATA)
* ldapcas (listed as CAS FETCH - thanks to bfroehle)
* (Optional) realname

Key configuration notes:

For Profile
- Create Profile fields you want to populate through LDAP (e.g. first name)

For CAS:
- CAS server: auth.b.e OR auth-test.b.e
- CAS Port: 443 (default)
- CAS URL: /cas (the forward slash is important!)
- User account setting: "Is Drupal also the CAS user repository?" => No
Other standard settings:
- Users cannot change password: Yes
- Should CAS check to see if the user is already logged in: No
- Password change URL: https://net-auth.berkeley.edu/cgi-bin/krbcpw

LDAP Authentication: add and name a server, then config as follows
- LDAP Server: ldap.berkeley.edu
- LDAP Port: 389 (default)
- Base DNS : ou=people,dc=berkeley,dc=edu
- Username Attribute: uid
- Email attribute: mail
- DN For Anonymous Search: ou=people,dc=berkeley,dc=edu
- Password for Anonymous search: LEAVE BLANK

LDAP DATA: edit server
- Drupal User Profile Mapping: Read only
- DN for reading/editing attributes: ou=people,dc=berkeley,dc=edu
- Password for reading/editing: LEAVE BLANK
- Specify mapping of profile fields to LDAP Attributes
Common LDAP attributes (see an example entry).
- First name: givenName
- Last name: sn
- Full name and title(s): displayName
- Department: berkeleyEduUnitCalNetDeptName -or- berkeleyEduUnitHRDeptName (?)

Other Notes:
- Make sure necessary PHP dependencies are enabled!!!
- Make sure you apply for necessary permissions with IST!!!

Berkeley

Group categories

Event Types

Highlights

Group events

Add to calendar

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: