[IMP] ldap: disable referral chasing for Microsoft AD

based on https://github.com/odoo/documentation/pull/11462 reformat to comply with doc guidelines closes odoo/documentation#11558 X-original-commit: 6e9de168d9 Signed-off-by: Audrey Vandromme (auva) <auva@odoo.com>
2024-11-26 22:36:34 +00:00 · 2024-11-26 22:36:34 +00:00 · cf05ed1c75
commit cf05ed1c75
parent 02f8188b36
8 changed files with 36 additions and 47 deletions
--- a/content/applications/general/users/ldap.rst
+++ b/content/applications/general/users/ldap.rst
@ -1,55 +1,44 @@
-=================
+===================
-Sign in with LDAP
+LDAP authentication
-=================
+===================
- Install the Lightweight Directory Access Protocol (LDAP) module in General Settings.
+To configure :abbr:`LDAP (Lightweight Directory Access Protocol)` authentication in Odoo:
- Click on **Create** in Setup the :abbr:`LDAP (Lightweight Directory Access Protocol)` Server.
+#. Open the Settings app, scroll down to the :guilabel:`Integrations` section, and enable
   :guilabel:`LDAP Authentication`.
 #. Click :guilabel:`Save`, then go back to the :guilabel:`Integrations` section and click
   :guilabel:`LDAP Server`.
 #. In the :guilabel:`Set up your LDAP Server` list, click :guilabel:`New`, then select the required
   company in the dropdown list.
 #. In the :guilabel:`Server information` section, enter the server's IP address and port in the
   :guilabel:`LDAP server address` and :guilabel:`LDAP Server port` fields, respectively.
 #. Enable :guilabel:`Use TLS` to request secure TLS/SSL encryption when connecting to the LDAP
   server, providing the server has StartTLS enabled.
 #. In the :guilabel:`Login information` section, enter the ID and password of the account used to
   query the server in the :guilabel:`LDAP binddn` and :guilabel:`LDAP password` fields,
   respectively. If the fields are left empty, the server will perform the query anonymously.
 #. In the :guilabel:`Process parameter` section, enter:
-.. image:: ldap/ldap01.png
+   - the LDAP server's name in the :guilabel:`LDAP base` field using LDAP format
-    :align: center
+     (e.g., ``dc=example,dc=com``);
-    :alt: LDAP Authentication checkbox highlighted in the integrations settings on Odoo.
+   - ``uid=%s`` in the :guilabel:`LDAP filter` field.
-.. image:: ldap/ldap02.png
+#. In the :guilabel:`User information` section:
    :align: center
    :alt: Create highlighted in the LDAP server settings.
- Choose the company using the LDAP.
+   - Enable :guilabel:`Create user` to create a user profile in Odoo the first time someone logs in
     using LDAP;
   - Select the :guilabel:`User template` to be used to create the new user profiles. If no template
     is selected, the administrator's profile is used.
-.. image:: ldap/ldap03.png
+.. note::
-    :align: center
+   When using Microsoft Active Directory (AD) for LDAP authentication, if users experience login
-    :alt: Select the company drop-down menu highlighted in LDAP setup.
+   issues despite using valid credentials, create a new system parameter to disable referral chasing
   in the LDAP client:
- In **Server Information**, enter the IP address of the server and the port it listens to.
+    #. :ref:`Activate the developer mode. <developer-mode>`
    #. Go to :menuselection:`Settings --> Technical --> System Parameters` and click
       :guilabel:`New`.
    #. Fill in the fields:
- Tick **Use TLS** if the server is compatible.
+       - :guilabel:`Key`: ``auth_ldap.disable_chase_ref``
-
+       - :guilabel:`Value`: ``True``
 .. image:: ldap/ldap04.png
    :align: center
    :alt: LDAP server settings highlighted in LDAP server setup on Odoo.
 - In **Login Information**, enter ID and password of the account used to query the server. If left
  empty, the server queries anonymously.
 .. image:: ldap/ldap05.png
    :align: center
    :alt: Login information highlighted in LDAP server setup on Odoo.
 - In **Process Parameter**, enter the domain name of the LDAP server in :abbr:`LDAP (Lightweight
  Directory Access Protocol)` nomenclature (e.g. ``dc=example,dc=com``).
 - In **LDAP filter**, enter ``uid=%s``
 .. image:: ldap/ldap06.png
    :align: center
    :alt: Process parameter highlighted in LDAP server setup on Odoo.
 - In **User Information**, tick *Create User* if Odoo should create a User profile the first time
  someone logs in with :abbr:`LDAP (Lightweight Directory Access Protocol)`.
 - In **Template User**, indicate a template for the new profiles created. If left blanked, the admin
  profile will be used as template.
 .. image:: ldap/ldap07.png
    :align: center
    :alt: User information highlighted on LDAP server setup on Odoo.
--- a/content/applications/general/users/ldap/ldap01.png
+++ b/content/applications/general/users/ldap/ldap01.png
--- a/content/applications/general/users/ldap/ldap02.png
+++ b/content/applications/general/users/ldap/ldap02.png
--- a/content/applications/general/users/ldap/ldap03.png
+++ b/content/applications/general/users/ldap/ldap03.png
--- a/content/applications/general/users/ldap/ldap04.png
+++ b/content/applications/general/users/ldap/ldap04.png
--- a/content/applications/general/users/ldap/ldap05.png
+++ b/content/applications/general/users/ldap/ldap05.png
--- a/content/applications/general/users/ldap/ldap06.png
+++ b/content/applications/general/users/ldap/ldap06.png
--- a/content/applications/general/users/ldap/ldap07.png
+++ b/content/applications/general/users/ldap/ldap07.png