Yet another post


Private OpenID server


Single Sign On (SSO)

There are two standards that are emerging:

  • OpenID -
  • SAML - meant to be invisible to the user, an abstract framework
  • Older SSO standard - * Google Apps seems to support both.






It is possible to sync an LDAP or AD directory with Google Apps:


  • LDAP necessary - OpenLDAP seems to be available in the CentOS repository
  • Free OpenID and LDAP server -
  • Simple OpenID server -

Web GUI:

  • LAM

#= User self service portals =


#= Installation =


  • Quick-Start Guide
yum install openldap-servers mozldap-tools

second try:

Webmin > LDAP > Configuration, change user and password etc.

Access Control … install CPAN…

Start ser

error: no root DN -> create

Apply configuration


error: Your LDAP server’s database does not contain the root DN dc=gizur,dc=com yet, which means that no data can be added until you create it. However, Webmin can do this for you by clicking the button below.

Press create DN

First try, failed:

# Log in to Webmin and do refresh modules
# Go to Browse, choose to update Perl from CPAN
# Wait, the installation takes a while
# Choose start server

vi /etc/openldap/ldap.conf 
vi /etc/openldap/slapd.conf
cp DB_CONFIG.example /var/lib/ldap/DB_CONFIG

# change password in webmin

service ldap restart

cd /usr/lib64/mozldap
./ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
# No result

vi test.ldif
# Insert this
dn: dc=gizur,dc=com 
objectclass: dcObject 
objectclass: organization 
o: Gizur 
dc: gizur 

dn: cn=Manager,dc=gizur,dc=com 
objectclass: organizationalRole 
cn: Manager

./ldapadd -x -D "cn=Manager,dc=gizur,dc=com" -W -f test.ldif
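A pre-flight check for the steps above, added here as an example and not part of the original notes: it reads `suffix`, `rootdn` and `rootpw` from slapd.conf and reports when the DN passed to `ldapadd -D` does not match `rootdn`, when `rootdn` is outside the suffix, or when `rootpw` is stored in cleartext. The function names and the sample config are constructed for illustration; it assumes the database is still empty, so only the `rootdn` identity can add the first entries.

```shell
#!/bin/sh
# Added example (not from the original notes): pre-flight check of slapd.conf.

# Print the value of directive $1 in file $2, quotes stripped.
# Directives start in column 0; indented lines are continuations.
directive() {
    awk -v key="$1" '$1 == key && index($0, key) == 1 {
        sub(/^[^ \t]+[ \t]+/, ""); gsub(/"/, ""); print; exit }' "$2"
}

# Simplified DN normalisation: lower-case only (no whitespace handling).
lower() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# check_slapd_conf FILE BIND_DN
# Prints one line per finding and returns the number of findings.
check_slapd_conf() {
    suffix=$(lower "$(directive suffix "$1")")
    rootdn=$(lower "$(directive rootdn "$1")")
    rootpw=$(directive rootpw "$1")
    bind=$(lower "$2")
    n=0
    [ -n "$suffix" ] || { echo "no suffix directive"; n=$((n+1)); }
    case "$rootdn" in
        "") echo "no rootdn directive"; n=$((n+1)) ;;
        *",$suffix") ;;                      # rootdn sits below the suffix
        *) echo "rootdn is not under suffix"; n=$((n+1)) ;;
    esac
    [ "$bind" = "$rootdn" ] || { echo "bind DN differs from rootdn"; n=$((n+1)); }
    case "$rootpw" in
        "") echo "no rootpw directive"; n=$((n+1)) ;;
        "{"*"}"*) ;;                         # {SCHEME}hash, e.g. from slappasswd
        *) echo "rootpw is stored in cleartext"; n=$((n+1)) ;;
    esac
    return "$n"
}

# Constructed sample config, checked against a bind DN that is not the rootdn.
sample=$(mktemp)
cat > "$sample" <<'EOF'
database bdb
suffix "dc=gizur,dc=com"
rootdn "cn=Manager,dc=gizur,dc=com"
rootpw secret
EOF
check_slapd_conf "$sample" "cn=root,dc=gizur,dc=com" || echo "findings: $?"
rm -f "$sample"
```

Run it against /etc/openldap/slapd.conf with the same DN that will be given to `ldapadd -D`; `slappasswd` prints a `{SSHA}` value that can replace a cleartext `rootpw`.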

#= phpLDAPAdmin =

gunzip phpldapadmin-1.2.2.tgz
tar -xvf phpldapadmin-1.2.2.tar

mv phpldapadmin-1.2.2 /var/www/html/phpldapadmin
chown -R apache.apache /var/www/html/phpldapadmin

yum -y install pcre php53-php-gettext php53-ldap php53-xml

cd /var/www/html/phpldapadmin/config
cp config.php.example config.php
vi config.php

Login with: cn=root,dc=gizur,dc=com

#= LAM =


rpm --nodeps -i ldap-account-manager-3.6-0.fedora.1.noarch.rpm 

cd /usr/share/ldap-account-manager/config


#= Applications =

#== vTiger ==

mv /var/www/html/vtigercrm/
cd /var/www/html/vtigercrm/
service httpd restart

#== Redmine ==

Set Access control options to ‘Allow anonymous login with DN’ in Webmin > LDAP

Do not enter account and password in the Redmine LDAP configuration