LDAP Authorization Organic Groups for Drupal 7
Automate membership and roles in Organic Groups based on LDAP data such as user attributes or group memberships.
- Configuration that maps Drupal Users to LDAP Users (Implemented by LDAP Server Module).
- Configuration that maps LDAP user entries to Organic Group membership (Implemented by LDAP Authorization Organic Groups).
- LDAP Authorization modules do not require LDAP Authentication to be used. LDAP Authorization modules will work with CAS, Shib, and other authentication modules including Drupal authentication or Open ID. However, there must be a relationship established between the drupal user and an ldap entry; this relationship is usually the username or email. This relationship is implemented in the LDAP Server module.
- This takes a little patience to setup and test.
These notes are brief, deferring to more complete instructions are in the configuration forms.
- Create the Organic Groups and Roles you need. If the default OG roles work (member and admin) you do not need to worry about creating roles.
- Download LDAP project at http://drupal.org/project/ldap
- Enable LDAP Servers and configure an LDAP Server. Only one server can be used with LDAP Authorization OG at a time.
- At admin/config/people/ldap/authorization/add/og_group, create OG Group Configuration. After configuring this, a test page will be available.
- Go to the test page: admin/config/people/ldap/authorization/test/og_group and try some usernames to see what OG roles the user would be granted.
- When you are satisfied with this test with actual users logging in.
Tips and Gotchas
- The same configuration options are available in LDAP Authorization Drupal Roles, but that module is more commonly used. Try configuring LDAP Authorization Drupal Roles if you have trouble with LDAP Authorization OG.
- If you use "group-name" or "role-name" in your mappings instead of numeric ids (gid and rid), don't change the names of your groups unless you are going to change the mappings at the same time.
- Some helpful logging info can be found by enabling "Log Detailed LDAP Actions" at admin/config/people/ldap. These logs with be in the watchdog logs