see also TracLdapAuthPlugin

I'm not the developer or maintainer of the LDAPAuthPlugin, and this is not a real reference; just some quick notes on using LDAPAuthPlugin with a standalone tracd:

Prerequisites:

• install python-ldap
• install AccountManager plugin
• install LDAPAuth plugin http://pypi.python.org/pypi/TracLDAPAuth/

I'm using tracd to serve multiple projects, and have a global trac.ini:

[ldap]
bind_dn =<bind DN>
;e.g. bind_dn = uid=%s,ou=people,dc=foo,dc=bar,dc=moo

server = <ldap server address>

[components]
trac.web.auth.LoginModule = disabled
 
acct_mgr.admin.accountmanageradminpage = enabled
acct_mgr.api.accountmanager = enabled
acct_mgr.web_ui.LoginModule = enabled
 
; be sure to enable the component
ldapauth.store.LDAPStore = enabled
 
[account-manager]
; configure the plugin to store passwords in the htdigest format:
password_store = LDAPStore

This global trac.ini then gets inherited by each trac projects' trac.ini:

# -*- coding: utf-8 -*-
  
[inherit]
file = /my/path/to/trac_projects/trac.ini

...

Start tracd like this:

tracd -p 80 -e /my/path/to/trac_projects

If you are using TracForge to get some multi-project support (single sign-on etc.) you might rather want to start like this, so only the master project shows up on the standard projects list page:

tracd -p 80 /my/path/to/trac_projects/my_master_project

A Better Ldap Solution

This plugin doesn't support user listing, changing password, registration or non-simple binding.

LDAPAuthStore offers a better solution linking LdapPlugin to AccountManager. Provide user listing, password changing, MD5/CRYPT/SASL binding/authentication.

Author/Contributors

• LDAPAuthPlugin Code Author: Noah Kantrowitz <coderanger at yahoo com>
• This Page Author: jholg
• This Page Contributor: Yu Huang (crocea)