LDAP (Active Directory) improvements


(Brady Miller) #1

Hi,

@sunsetsystems has recently brought in some nice ldap updates, which also have a easy way to test out. It will be in OpenEMR 5.0.3 release (which will go out in a couple months). Here is the PR that was brought in:
https://github.com/openemr/openemr/pull/2746

Here is text taken from the PR regarding the update and easy way to test:


A benefit here is that you can exclude a list of users from LDAP authentication, making setup and troubleshooting easier.

Also note that you are to put “{login}” into the Distinguished Name field (in Globals) as a placeholder for the OpenEMR username.

For testing you can use the sample LDAP server described here:
http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
Use these values in globals:
LDAP - Server Name or URI : ldap.forumsys.com
LDAP - Distinguished Name of User : uid={login},dc=example,dc=com
LDAP - Login Exclusions : administrator (or whatever your admin login is)

Then create a user named “tesla”.
When you enable LDAP and log in as that user, the password is “password”.


Thanks you @sunsetsystems !

-brady