documentation/content/applications/general/users/ldap.md
2025-02-27 18:56:07 +07:00

2.1 KiB

LDAP authentication

To configure {abbr}LDAP (Lightweight Directory Access Protocol) authentication in Odoo:

  1. Open the Settings app, scroll down to the {guilabel}Integrations section, and enable {guilabel}LDAP Authentication.

  2. Click {guilabel}Save, then go back to the {guilabel}Integrations section and click {guilabel}LDAP Server.

  3. In the {guilabel}Set up your LDAP Server list, click {guilabel}New, then select the required company in the dropdown list.

  4. In the {guilabel}Server information section, enter the server's IP address and port in the {guilabel}LDAP server address and {guilabel}LDAP Server port fields, respectively.

  5. Enable {guilabel}Use TLS to request secure TLS/SSL encryption when connecting to the LDAP server, providing the server has StartTLS enabled.

  6. In the {guilabel}Login information section, enter the ID and password of the account used to query the server in the {guilabel}LDAP binddn and {guilabel}LDAP password fields, respectively. If the fields are left empty, the server will perform the query anonymously.

  7. In the {guilabel}Process parameter section, enter:

    • the LDAP server's name in the {guilabel}LDAP base field using LDAP format (e.g., dc=example,dc=com);
    • uid=%s in the {guilabel}LDAP filter field.
  8. In the {guilabel}User information section:

    • Enable {guilabel}Create user to create a user profile in Odoo the first time someone logs in using LDAP;
    • Select the {guilabel}User template to be used to create the new user profiles. If no template is selected, the administrator's profile is used.

:::{note} When using Microsoft Active Directory (AD) for LDAP authentication, if users experience login issues despite using valid credentials, create a new system parameter to disable referral chasing in the LDAP client:

  1. {ref}Activate the developer mode. <developer-mode>

  2. Go to {menuselection}Settings --> Technical --> System Parameters and click {guilabel}New.

  3. Fill in the fields:

    • {guilabel}Key: auth_ldap.disable_chase_ref
    • {guilabel}Value: True :::