Enable Dark Mode!
how-to-configure-openldap-in-odoo.jpg
By: Jibin

How to Configure OpenLDAP in Odoo

Technical

Some Directory services databases are used to store organizational data, policy, and authentication details, such as Active directory. LDAP(Lightweight Directory Access Protocol) is a protocol used to communicate with directory service databases.
Since the directory service stores organizational level data, i.e., user data or team/group level data, the LDAP helps in managing user or group level data to access mechanisms, i.e., what they can access.
In this blog, we will be discussing how to configure LDAP in Odoo. Since LDAP contains the user-level data, a user-defined in LDAP can access Odoo(initially not an Odoo user) based on the Odoo-LDAP configuration, i.e., Odoo authentication via LDAP.
To configure LDAP, the LDAP module should be installed in Odoo.
The general setting under the integration section enables the option for LDAP Authentication.

how-to-configure-openldap-in-odoo

Click create from the tree view.

how-to-configure-openldap-in-odoo

On the form, we can see different fields.

how-to-configure-openldap-in-odoo

1) The first field is for selecting the company. Select any.
2) It has a server information section or an LDAP server address; add the server IP here. If it’s in localhost normally, it will be 127.0.0.1

3) LDAP server port: the default port for LDAP service is 389
4) Use TLS: set to False

Now it has a login information section.
5) LDAP binddn: Admin/user login ID  cn=admin,dc=jibin,dc=com
Here cn is the common name for the user, and dc is the domain component configured while installing the LDAP service.
6) LDAP password: LDAP password for the user
Now in the process parameter section.
7) LDAP base: Its the domain scope for search for the user when logging in to Odoo like dc=jibin,dc=com
8) LDAP filter: when a user login to Odoo, this filer helps in the login process
E.g., if the value is mail=%s, it searches for the user with the mail ID used for login in Odoo, in the LDAP. 

If the value for the field is uid=%s, then it will search for the user with the corresponding user ID in the LDAP.

Under the user Information section
9) Create User:  if enabled, it will create a user in Odoo

If not enabled, we have to create one user in Odoo manually without a password, and when the user logs in, it will check for Odoo password, and if not enabled, it will check for the password in the LDAP directory.
Note: in this case, we need to provide/ user id for login is the email address in the user form, so the LDAP filter field should be like mail=%s, and we have to define a mail for the LDAP user in LDAP.
10) Template user: if not selected, it will use the default Odoo user template; else, use the selected templated details while creating a new user and will provide the user groups and access right as defined in the template.

how-to-configure-openldap-in-odoo

After the configuration, if you try to login with another user who is not present in Odoo but is in LDAP, then Odoo will communicate with LDAP and check based on the  LDAP filter filed for the LDAP user in LDAP and creates a user in Odoo and will authenticate/login into Odoo.
Suppose it typically enables to otherwise option and hasn’t created a user in Odoo. In that case, it will show some error at the time of login(see the image below), so instead of creating one user in Odoo, it will be better if we use the create user option and select the desired user template.

how-to-configure-openldap-in-odoo

So this is all about Odoo LDAP configuration and Odoo authentication.


If you need any assistance in odoo, we are online, please chat with us.



0
Comments



Leave a comment

 


whatsapp
location

Calicut

Cybrosys Technologies Pvt. Ltd.
Neospace, Kinfra Techno Park
Kakkancherry, Calicut
Kerala, India - 673635

location

Kochi

Cybrosys Technologies Pvt. Ltd.
1st Floor, Thapasya Building,
Infopark, Kakkanad,
Kochi, India - 682030.

location

Bangalore

Cybrosys Techno Solutions
The Estate, 8th Floor,
Dickenson Road,
Bangalore, India - 560042

Send Us A Message