Ldap support
Ldap support
To tie this into our ldap tree.
-
zoneminder
- Site Admin
- Posts: 5215
- Joined: Wed Jul 09, 2003 2:07 pm
- Location: Bristol, UK
- Contact:
LDAP
I think I might have a idea as I would like to see some kind of LDAP Support.
Use the LDAP for authentication into the ZoneMinder interface. Then be able to select from that ldap list the users to which can make changes to ZoneMinder and view/edit monitors.
I think it would a lot of additional programming. You'd need a basic connection file with the correct DN's for login and searchs. I have used a couple of apps that I like the way it works.
jive softwares wildfire is a nice example. It simple uses ldap for login and you fille in your groups via the database. www.jive-software.org
Horde is a really good one, that allows you have groups within LDAP.
Another Idea with the use od LDAP is store ZoneMinder info with in a custom scheme. then you would be able to have a bunch of ZoneMinders using the LDAP server. Like a ZM farm. Then possible build the daemon to look at the LDAP for configs. Under one OU you could have <Server> and <device>. All the servers would only read the info that has their sever name. Then you would only need one Web Interface with shared storage.
Use the LDAP for authentication into the ZoneMinder interface. Then be able to select from that ldap list the users to which can make changes to ZoneMinder and view/edit monitors.
I think it would a lot of additional programming. You'd need a basic connection file with the correct DN's for login and searchs. I have used a couple of apps that I like the way it works.
jive softwares wildfire is a nice example. It simple uses ldap for login and you fille in your groups via the database. www.jive-software.org
Horde is a really good one, that allows you have groups within LDAP.
Another Idea with the use od LDAP is store ZoneMinder info with in a custom scheme. then you would be able to have a bunch of ZoneMinders using the LDAP server. Like a ZM farm. Then possible build the daemon to look at the LDAP for configs. Under one OU you could have <Server> and <device>. All the servers would only read the info that has their sever name. Then you would only need one Web Interface with shared storage.
Personally, I would leave the configuration in MySQL as you can cluster that nicely aswell. Using LDAP is a good idea as you can integrate with AD aswell.
Starter for 10 :- http://adldap.sourceforge.net/
Starter for 10 :- http://adldap.sourceforge.net/
It's really easy to impliment LDAP authentication if you use the php libraries. I wrote an extension for ZoneMinder in about 2 hours.
All the user info is still held within mySQL, and just the password is sent to LDAP (AD in our case) for validation. If anyone is interested I can post the code here. It's only about 2 lines of changes in zm_funcs if you include my functions.
Check this out:
http://www.zoneminder.com/forums/viewtopic.php?t=8588
Regards,
Christiaan
All the user info is still held within mySQL, and just the password is sent to LDAP (AD in our case) for validation. If anyone is interested I can post the code here. It's only about 2 lines of changes in zm_funcs if you include my functions.
Check this out:
http://www.zoneminder.com/forums/viewtopic.php?t=8588
Regards,
Christiaan
-
zoneminder
- Site Admin
- Posts: 5215
- Joined: Wed Jul 09, 2003 2:07 pm
- Location: Bristol, UK
- Contact: