ISPConfig and LDAP

Discussion in 'Developers' Forum' started by kinai, Aug 28, 2012.

  1. kinai

    kinai Member

    Hi all,

    I know that LDAP is not supported in ISPConfig.
    The ISPConfig core is it devellop to allow adding a plugin to store users informations and password in another backend that mysql ? ldap for example.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The ispconfig interface requires a relational sql database, currently supported is mysql only. So you cant run the ispconfig interface on a ldap store. It might be possible to write a server plugin that stores duplicates of the authentication information that is found in mysql in a ldap directory, but ldap will be a ready only storage in this scenario and not a replacement for the sql storage that ispconfig uses.
  3. kinai

    kinai Member

    Hi Till,

    Thanks for your answer.

    I understand that ISPConfig requires a SQL Database to store information like service configuration (Apache, Mysql, Postfix). I think LDAP could became only a "account backend".

    Do you think that is possible to "modify" ISPConfig with a core plugin to store users, clients and ressellers informations in LDAP. For me, this information must be linked with database information like apache sites affect to this client. Primary Key used for identify user in sql database could be store in a field in LDAP object.

    It could be possible to "choice", during ISPConfig install, the "account backend" : LDAP ou MySQL.

    Possibility to duplicate users informations store in mysql to ldap could be a first step.

    Number of services, like postfix and dovecot, could be configure to use LDAP as authentification backend. Using LDAP could be usefull to retrieve user informations to authenticate third party application like CMS (Joomla), ERP (OpenERP) , and other... For me, ISPConfig could became more expandable with an LDAP "accout backend".

    With a replicate solution, if user update his data from third party application, ISPConfig override it after an update and data store by user will be lost.

    In case of it will be possible to create a core plugin for that, could you give me documentation to devellop core plugin (I've just found interface plugin documentation).

  4. Mark_NL

    Mark_NL Member

    This is possible, but it's not a simple task.
    I'd start with writing new scheme's for the ISPConfig data to save the same data in LDAP as you would in MySQL and create some "replication" function so the LDAP data is always in sync with the data in MySQL.

    From that point on you can start having services use LDAP Authentication and possibly start making MySQL data "slave" ..

    I like ldap, but i fail to see the big advantage over the already existing system. I think it's too much work for what you'll eventually be able to do with it.

    anyway, good luck!
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    You would have to rewrite a lot of code in ispconfig (maybe about 50% of the code) if you want to do a full ldap backend for authentication details as ldap works very differntly then a mysql database and the user data is required by almost all plugins, so you would have to change them all.
  6. valerios

    valerios New Member

    Ispconfig3 & LDAP

    Hi Till,
    is possible using LDAP backend only for mail user authentication?

Share This Page