<title>10. Authentication</title><linkrel="stylesheet"href="html.css"type="text/css"><metaname="generator"content="DocBook XSL Stylesheets V1.70.1"><linkrel="start"href="index.html"title="Documentation"><linkrel="up"href="ch01.html"title="Chapter 1. Administration"><linkrel="prev"href="ch01s09.html"title="9. E-mail notifications"><linkrel="next"href="ch01s11.html"title="11. Settings"></head><body><ahref="http://redmine.rubyforge.org/"><imgsrc="../redmine.png"alt="redmine"></a><divclass="navheader"><tablewidth="100%"summary="Navigation header"><tr><thcolspan="3"align="center">10. Authentication</th></tr><tr><tdwidth="20%"align="left"><aaccesskey="p"href="ch01s09.html">Prev</a> </td><thwidth="60%"align="center">Chapter 1. Administration</th><tdwidth="20%"align="right"> <aaccesskey="n"href="ch01s11.html">Next</a></td></tr></table><hr></div><divclass="section"lang="en"><divclass="titlepage"><div><div><h2class="title"style="clear: both"><aname="d0e254"></a>10. Authentication</h2></div></div></div><p>By default, redMine refers to its own database to authenticate users, by a specific password.</p><p>If you already have one or several external user references (like LDAP), you can make them known in order to be used for authentication on redMine. This allows users to access redMine with their usual user names and passwords.</p><p>For each known reference, you can specify if the accounts can be created on the fly on redMine. If needed, the user accounts will be created automatically during the user’s signing in (without any specific rights on the projects), according to information available in the reference. Otherwise, the administrator must have previously created the user account on redMine.</p><p></p><divclass="section"lang="en"><divclass="titlepage"><div><div><h3class="title"><aname="d0e264"></a>10.1. LDAP statement</h3></div></div></div><p></p><divclass="itemizedlist"><ultype="disc"><li><p><spanclass="guilabel">Name</span> : reference display name</p></li><li><p><spanclass="guilabel">Host</span> : LDAP server host name</p></li><li><p><spanclass="guilabel">Port</span> : connection port to the LDAP server</p></li><li><p><spanclass="guilabel">Account</span> : DN of the connection account to LDAP (please leave it blank if the directory authorizes anonymous read access)</p></li><li><p><spanclass="guilabel">Password</span> : password of the connection account</p></li><li><p><spanclass="guilabel">Base DN</span> : Basic DN used for user search in the directory</p></li><li><p><spanclass="guilabel">LDAP screen</span> : User search screen in the directory (optional)</p></li><li><p><spanclass="guilabel">LDAP features</span> :</p><divclass="itemizedlist"><ultype="circle"><li><p><spanclass="guilabel">Identifier</span> : LDAP feature name used as user identifier (e.g.: uid)</p></li><li><p><spanclass="guilabel">First name</span> : LDAP feature name including the user’s first name (ex: givenName)</p></li><li><p><spanclass="guilabel">Last name</span> : LDAP feature name including the user’s last name (ex: familyName)</p></li><li><p><spanclass="guilabel">E-mail</span> : LDAP feature name including the user’s e-mail address (ex: mail)</p></li></ul></div></li></ul></div><p>The features" <spanclass="guilabel">First name</span> ", " <spanclass="guilabel">Last name</span> " and " <spanclass="guilabel">E-mail</span> " are not used except when the accounts are created on the fly.</p></div></div><divclass="navfooter"><hr><tablewidth="100%"summary="Navigation footer"><tr><tdwidth="40%"align="left"><aaccesskey="p"href="ch01s09.html">Prev</a> </td><tdwidth="20%"align="center"><aaccesskey="u"href="ch01.html">Up</a></td><tdwidth="40%"align="right"> <aaccesskey="n"href="ch01s11.html">Next</a></td></tr><tr><tdwidth="40%"align="left"valign="top">9. E-mail notifications </td><tdwidth="20%"align="center"><aaccesskey="h"href="index.html">Home</a></td><tdwidth="40%"alig