Provide CAS single sign on capability and to auto-populate user profile fields from Calnet LDAP. D6x.
Key configuration notes:
- Create Profile fields you want to populate through LDAP (e.g. first name)
- CAS server: auth.b.e OR auth-test.b.e
- CAS Port: 443 (default)
- CAS URL: /cas (the forward slash is important!)
- User account setting: "Is Drupal also the CAS user repository?" => No
Other standard settings:
- Users cannot change password: Yes
- Should CAS check to see if the user is already logged in: No
- Password change URL: https://net-auth.berkeley.edu/cgi-bin/krbcpw
LDAP Authentication: add and name a server, then config as follows
- LDAP Server: ldap.berkeley.edu
- LDAP Port: 389 (default)
- Base DNS : ou=people,dc=berkeley,dc=edu
- Username Attribute: uid
- Email attribute: mail
- DN For Anonymous Search: ou=people,dc=berkeley,dc=edu
- Password for Anonymous search: LEAVE BLANK
LDAP DATA: edit server
- Drupal User Profile Mapping: Read only
- DN for reading/editing attributes: ou=people,dc=berkeley,dc=edu
- Password for reading/editing: LEAVE BLANK
- Specify mapping of profile fields to LDAP Attributes
Common LDAP attributes (see an example entry).
- First name: givenName
- Last name: sn
- Full name and title(s): displayName
- Department: berkeleyEduUnitCalNetDeptName -or- berkeleyEduUnitHRDeptName (?)
- Make sure necessary PHP dependencies are enabled!!!
- Make sure you apply for necessary permissions with IST!!!