Instructions for Integrating CAS with LDAP and user Profiles

You are viewing a wiki page. You are welcome to join the group and then edit it. Be bold!

Provide CAS single sign on capability and to auto-populate user profile fields from Calnet LDAP. D6x.

Download and enable the following modules:
* cas
* profile
* ldap integration (enable AUTHENTICATION, DATA)
* ldapcas (listed as CAS FETCH - thanks to bfroehle)
* (Optional) realname

Key configuration notes:

For Profile
- Create Profile fields you want to populate through LDAP (e.g. first name)

For CAS:
- CAS server: auth.b.e OR auth-test.b.e
- CAS Port: 443 (default)
- CAS URL: /cas (the forward slash is important!)
- User account setting: "Is Drupal also the CAS user repository?" => No
Other standard settings:
- Users cannot change password: Yes
- Should CAS check to see if the user is already logged in: No
- Password change URL:

LDAP Authentication: add and name a server, then config as follows
- LDAP Server:
- LDAP Port: 389 (default)
- Base DNS : ou=people,dc=berkeley,dc=edu
- Username Attribute: uid
- Email attribute: mail
- DN For Anonymous Search: ou=people,dc=berkeley,dc=edu
- Password for Anonymous search: LEAVE BLANK

LDAP DATA: edit server
- Drupal User Profile Mapping: Read only
- DN for reading/editing attributes: ou=people,dc=berkeley,dc=edu
- Password for reading/editing: LEAVE BLANK
- Specify mapping of profile fields to LDAP Attributes
Common LDAP attributes (see an example entry).
- First name: givenName
- Last name: sn
- Full name and title(s): displayName
- Department: berkeleyEduUnitCalNetDeptName -or- berkeleyEduUnitHRDeptName (?)

Other Notes:
- Make sure necessary PHP dependencies are enabled!!!
- Make sure you apply for necessary permissions with IST!!!


Group categories

Event Types


Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: