diff --git a/en_US/iredadmin/2-iredadmin-pro.custom.user.services.md b/en_US/iredadmin/2-iredadmin-pro.custom.user.services.md new file mode 100644 index 00000000..854d82ba --- /dev/null +++ b/en_US/iredadmin/2-iredadmin-pro.custom.user.services.md @@ -0,0 +1,42 @@ +# iRedAdmin-Pro (LDAP backend): Add and manage custom services for mail user + +It's reasonable that you want to use OpenLDAP server running on iRedMail +server as a central identity management database. If you have other +softwares/services, and need to restrict some users to use these +software/services, the easiest and most elegent soluion is adding extra service +name in LDAP database, and update your softwares to use a proper LDAP filter to +query users. + +We assume you have a GitLab server and Jabber (XMPP) server running on internal +servers, and allow different users to use them. +In this tutorial, we use service name `gitlab` for GitLab service, and `jabber` +for Jabber. + +With iRedAdmin-Pro, please open its config file +`/opt/www/iredadmin/settings.py` (old iRedMail releases may deploy iRedAdmin-Pro +to different path, please check [this tutorial](./file.locations.html#iredadmin) +to figure it out, add a new parameter `ADDITIONAL_ENABLED_USER_SERVICES` like +below: + +``` +ADDITIONAL_ENABLED_USER_SERVICES = ['gitlab', 'jabber'] +``` + +Then restart `iredadmin` service. + +__Newly__ created mail user will have these 2 services enabled by default, but +for existing users, you have to add them either manually or do it with some +scripting/programming. + +You can find these 2 custom service names after logged in to iRedAdmin-Pro, +in user profile page, under tab `Advanced`. Screenshot attached. + +![](./images/iredadmin/custom_user_services.png){: width="700px" } + +In OpenLDAP, mail user with these 2 services enabled will have 2 new LDAP +attribute/value pairs: + +``` +enabledService=gitlab +enabledService=jabber +``` diff --git a/html/images/iredadmin/custom_user_services.png b/html/images/iredadmin/custom_user_services.png new file mode 100644 index 00000000..45673ad0 Binary files /dev/null and b/html/images/iredadmin/custom_user_services.png differ diff --git a/html/index.html b/html/index.html index a6a92e31..a14305c5 100644 --- a/html/index.html +++ b/html/index.html @@ -205,6 +205,7 @@
It's reasonable that you want to use OpenLDAP server running on iRedMail +server as a central identity management database. If you have other +softwares/services, and need to restrict some users to use these +software/services, the easiest and most elegent soluion is adding extra service +name in LDAP database, and update your softwares to use a proper LDAP filter to +query users.
+We assume you have a GitLab server and Jabber (XMPP) server running on internal
+servers, and allow different users to use them.
+In this tutorial, we use service name gitlab
for GitLab service, and jabber
+for Jabber.
With iRedAdmin-Pro, please open its config file
+/opt/www/iredadmin/settings.py
(old iRedMail releases may deploy iRedAdmin-Pro
+to different path, please check this tutorial
+to figure it out, add a new parameter ADDITIONAL_ENABLED_USER_SERVICES
like
+below:
ADDITIONAL_ENABLED_USER_SERVICES = ['gitlab', 'jabber']
+
+
+Then restart iredadmin
service.
Newly created mail user will have these 2 services enabled by default, but +for existing users, you have to add them either manually or do it with some +scripting/programming.
+You can find these 2 custom service names after logged in to iRedAdmin-Pro,
+in user profile page, under tab Advanced
. Screenshot attached.
In OpenLDAP, mail user with these 2 services enabled will have 2 new LDAP +attribute/value pairs:
+enabledService=gitlab
+enabledService=jabber
+
+
+
+
+
\ No newline at end of file