•  
     
    story #8207 use Active Directory as an LDAP directory
Summary
site administrator
use Active Directory as an LDAP directory
I can use all Tuleap/LDAP features with AD

Tuleap LDAP features:

Read-only use of an Active Directory (AD). Tuleap must be configurable to work with either openLDAP or AD. Plenty of other tools have this compatibility (e.g. Jenkins/ Bugzilla) and are a good source of inspiration for configuration examples and explanations.

The following must all work with an AD.

  • Account creation (already works, verify)
  • Login (already works, verify)
  • Auto provisionning (already works, verify)
    • Automatic creation of Tuleap user account when user exists in AD but not yet in Tuleap user DB
  • Autocompletion
  • SVN authentication
    • through Apache via svn CLI commands
    • through viewVC in UI
    • through custom perl/ python scripts (nightly stats, notifications/ commit-email.pl)
  • Import LDAP group (for project_members and for static ugroups)
    • be careful with group structure difference between openLDAP and AD
  • Update LDAP group (for project_members and for static ugroups) on Tuleap (user-group LDAP binding)
  • Nightly synchro is covered by story #8208 (extracted to fit team constraint)

In addition to features:

  • Update documentation to explain how AD integration works. Maybe provide 2 ldap.inc, one for openldap like and one for AD.
  • Update validation suite to cover AD. Must test valid users and groups as well as invalid users and groups (user doesn't exist/ invalid credentials/ user group doesn't have correct permissions/ ...)

Technical note:

Empty
Nouha Terzi (terzino)
Status
Done
Development
Empty
Depends of the availability of AD for development (usage of Rackspace a priori) and at validation time.
Details
#8207
Manuel Vacelet (vaceletm)
2015-07-29 16:38
2015-07-07 13:46
7228

References

List of items referenced by or referencing this item.

Artifact Tracker v5

Follow-ups

  • User avatar
    • Status changed from To be done to Done
  • User avatar
    • Acceptance criteria
  • User avatar
    • CC list set to Nouha Terzi (terzino)
  • User avatar
    • Acceptance criteria
  • User avatar
    • Acceptance criteria
  • User avatar
    • Acceptance criteria
    • CC list cleared
    • Permissions set to