Active Directory?

sunsetsystems wrote on Wednesday, September 15, 2010:

Looks like in OpenEMR 2.9.0 and beyond there is a library/adldap/ directory in the distribution, but I don’t see anything outside of it that refers to it.

Anyone have documentation or other clues as to how Active Directory authentication is supposed to be set up?

Rod
www.sunsetsystems.com

aperezcrespo wrote on Wednesday, September 15, 2010:

Hi Rod

According to the adLDAP_conf.inc  file located in that directory.

account_suffix : this is the full domain name of your Active Directory
base_dn: Users is the standard windows CN, replace the DC stuff with your domain
domain_controllers: the IP address of your domain controller(s)
ad_username: a username with simple ‘bind’ access to Active Directory no special permissions needed (usually just an AD user with read rights to the LDAP properties in AD).
ad_password: the password for the user
real_primarygroup: leave alone or read adldap.sourceforge.net docs
use_ssl: leave alone or read adldap.sourceforge.net docs
recursive_groups: leave alone or read adldap.sourceforge.net docs

And the original conversation is here https://sourceforge.net/projects/openemr/forums/forum/202506/topic/1864484

Looks like once you config the above file and cron the adLDAP_sync.sh it should work and populate OEMR.  OpenEMR security is handled by OEMR and not AD.

At least in theory.

sunsetsystems wrote on Wednesday, September 15, 2010:

Thanks!  I had forgotten about that discussion.

Rod
www.sunsetsystems.com