LDAP (Active Directory) improvements

(Brady Miller) #1


@sunsetsystems has recently brought in some nice ldap updates, which also have a easy way to test out. It will be in OpenEMR 5.0.3 release (which will go out in a couple months). Here is the PR that was brought in:

Here is text taken from the PR regarding the update and easy way to test:

A benefit here is that you can exclude a list of users from LDAP authentication, making setup and troubleshooting easier.

Also note that you are to put “{login}” into the Distinguished Name field (in Globals) as a placeholder for the OpenEMR username.

For testing you can use the sample LDAP server described here:
Use these values in globals:
LDAP - Server Name or URI : ldap.forumsys.com
LDAP - Distinguished Name of User : uid={login},dc=example,dc=com
LDAP - Login Exclusions : administrator (or whatever your admin login is)

Then create a user named “tesla”.
When you enable LDAP and log in as that user, the password is “password”.

Thanks you @sunsetsystems !