Contents 1 Get a working LDAP server 1.1 Install OpenLDAP on Ubuntu 1.2 Configure OpenLDAP 1.3 Connect to LDAP with JXplorer 1.4 Create a person 1.5 Create a team (to share documents among members) 1.6 Add a team member 2 Set LDAP authentification for Argos, Steatite or Cassandre 3 Set LDAP authentification for Agorae

Get a working LDAP server

Install OpenLDAP on Ubuntu

$ sudo apt-get install slapd
$ sudo dpkg-reconfigure slapd 

Configure OpenLDAP

Add this rule to /etc/ldap/slapd.conf:

#Prevent SPAM
access to attrs=mail
       by self write
       by users read
       by * none

Connect to LDAP with JXplorer

host: ldap.hypertopic.org
port: 389
base DN: dc=hypertopic,dc=org
level: user+password
user DN: cn=admin,dc=hypertopic,dc=org
password: <password>

• Notice: the JXplorer installation package isn't compatible with Java 1.6. If you are using java 1.6, please download the JXv3.2.1rc1deploy.zip generic package and run JXplorer from the jxplorer.sh.

./jxplorer.sh console

• If you encounter problem to run JXplorer under ubuntu 8.10, please enable the sun java package to run JXplorer (execute following commands to enable sun-java6-jre).

sudo apt-get install sun-java6-jre
sudo update-alternatives --config java

• If the jxplorer.sh still was not working for some reason (e.g. xhost issue, or "Unrecognized option: -Xdock:name=JXplorer"), please edit jxplorer.sh: find following code and delete it:

-Xdock:name="JXplorer" -Dcom.apple.macos.useScreenMenuBar=true

Create a person

Create a node in org/hypertopic:

cn: <firstname.surname>
objectClass: simpleSecurityObject
objectClass: inetOrgPerson
sn: <surname>
userPassword: <click and type>
givenName: <firstname>
jpegPhoto: <select one>
mail: <e-mail>

Create a team (to share documents among members)

Create a node in org/hypertopic:

cn: <team name>
objectClass: groupOfNames

Add a team member

"Add another value" to the "member" attribute in the team node.

member: cn=<firstname.surname>,dc=hypertopic,dc=org

Set LDAP authentification for Argos, Steatite or Cassandre

Enable LDAP authentification in Apache:

$ sudo a2enmod authnz_ldap

You may restrict edits on argos to LDAP registered users:

<Directory /var/www/argos/>
   AuthType Basic
   AuthName Hypertopic
   AuthBasicProvider ldap
   AuthzLDAPAuthoritative off
   AuthLDAPURL ldap://ldap.hypertopic.org/dc=hypertopic,dc=org?cn
   <LIMIT POST PUT DELETE>
      require valid-user
   </LIMIT>
</Directory>

You may restrict a corpus to a given LDAP team:

<Location /steatite/<corpus>/>
   AuthType Basic
   AuthName Hypertopic
   AuthBasicProvider ldap
   AuthzLDAPAuthoritative off
   AuthLDAPURL ldap://ldap.hypertopic.org/dc=hypertopic,dc=org?cn
   require ldap-group cn=<team name>,dc=hypertopic,dc=org
</Location>

You might even restrict the viewpoints list of a user to himself:

<Location /argos/actor/<argos user>/>
   AuthType Basic
   AuthName Hypertopic
   AuthBasicProvider ldap
   AuthzLDAPAuthoritative off
   AuthLDAPURL ldap://ldap.hypertopic.org/dc=hypertopic,dc=org?cn
   require ldap-user <ldap common name>
</Location>

Reload config file:

$ sudo /etc/init.d/apache2 force-reload

Set LDAP authentification for Agorae

$ sudo apt-get install php5-ldap