{ "info": { "author": "Slipeer", "author_email": "slipeer@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Environment :: Plugins", "License :: OSI Approved :: Apache Software License", "Programming Language :: Python :: 2", "Topic :: Communications :: Chat" ], "description": "Synapse LDAP pasword provider\n=============================\n\n- Allows synapse to use LDAP database as a password provider.\n- Allows to map mail and msisdn (phone) from LDAP (check usage note!)\n- Allows implementing independent account lockout policy, to prevent Active Directory users locking by external bruteforce attack.\n\nTravis-CI Build Status\n======================\n.. image:: https://travis-ci.org/slipeer/synapse-ldap-password-provider.svg?branch=master\n :target: https://travis-ci.org/slipeer/synapse-ldap-password-provider\n\nInstallation\n------------\n\n- Via python's package manager: `pip install synapse-ldap-password-provider`\n- Via python's package manager from git: `pip install https://github.com/slipeer/synapse-ldap-password-provider/tarball/master`\n\nUsage\n-----\n\nExample synapse config:\n\n.. code:: yaml\n\n password_providers:\n - module: \"synapse_ldap_password_provider.LDAPPasswordProvider\"\n config:\n enabled: true\n uri: \"ldap://ldap.example.com:389\"\n start_tls: true\n base: \"ou=users,dc=example,dc=com\"\n attributes:\n uid: \"samaccountname\"\n name: \"DisplayName\"\n # Optional. Please read usage note!\n mail: \"email\"\n # Optional. Please read usage note!\n msisdn: \"phone\"\n #bind_dn:\n #bind_password:\n #filter: \"(&(objectClass=user)(objectCategory=person))\"\n # If you do not want your internal users to be blocked from outside\n # by scrambling passwords through this service, then you need\n # implement a more rigid account lockout policy then in yor LDAP server\n # This example user locks after 5 badd attemps to 5 minutes\n account_lockout_policy:\n locktime_s: 300\n attemps: 5\n\n\nDo not use ``cn`` attribute as uid. It's common mistake: ``cn`` attribute not uniqe in LDAP tree in most schemas!\nIt's work fine only in very simple LDAP installations without complex Organizational Units structire.\nYou can use: ``samaccountname``, ``uid`` or ``userPrincipalName`` (depending on the schemes in your system). These attributes are always unique.\n\nUsage note\n----------\n\nUse attributes ``mail`` and ``msisdn`` from the LDAP only if your identity server is also integrated with LDAP and looks for 3pd in these attributes.\nOtherwise it will not work properly. If you seach identity server with LDAP integration you can try my sydent fork https://github.com/slipeer/sydent\n\nAccount Lockout Policy\n----------------------\nIf you do not want your internal users to be blocked from outside by scrambling passwords through this service, then you need \nimplement a more rigid account lockout policy then on your LDAP server.\n\n\nTroubleshooting and Debugging\n-----------------------------\n\n``synapse-ldap-password-provider`` logging is included in the Synapse homeserver log\n(typically ``homeserver.log``). The LDAP plugin log level can be increased to\n``DEBUG`` for troubleshooting and debugging by making the following modifications\nto your Synapse server's logging configuration file:\n\n- Set the value for `handlers.file.level` to `DEBUG`:\n\n.. code:: yaml\n\n handlers:\n file:\n # [...]\n level: DEBUG\n\n- Add the following to the `loggers` section:\n\n.. code:: yaml\n\n loggers:\n # [...]\n ldap3:\n level: DEBUG\n synapse_ldap_password_provider:\n level: DEBUG\n\nFinally, restart your Synapse server for the changes to take effect:\n\n.. code:: sh\n\n\n synctl restart", "description_content_type": null, "docs_url": null, "download_url": "https://github.com/slipeer/synapse-ldap-password-provider/archive/1.0.tar.gz", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/slipeer/synapse-ldap-password-provider", "keywords": null, "license": "UNKNOWN", "maintainer": null, "maintainer_email": null, "name": "synapse_ldap_password_provider", "package_url": "https://pypi.org/project/synapse_ldap_password_provider/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/synapse_ldap_password_provider/", "project_urls": { "Download": "https://github.com/slipeer/synapse-ldap-password-provider/archive/1.0.tar.gz", "Homepage": "https://github.com/slipeer/synapse-ldap-password-provider" }, "release_url": "https://pypi.org/project/synapse_ldap_password_provider/1/", "requires_dist": null, "requires_python": null, "summary": "LDAP3 password provider for Synapse", "version": "1" }, "last_serial": 2945948, "releases": { "1": [ { "comment_text": "", "digests": { "md5": "a9829c6c3dc4082c5af69aeb00eafbf0", "sha256": "6002918900d37323f0e4e99e4c68f8f9eaf87a15fe2bfd75385e678ebe9ef26a" }, "downloads": -1, "filename": "synapse_ldap_password_provider-1.tar.gz", "has_sig": false, "md5_digest": "a9829c6c3dc4082c5af69aeb00eafbf0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 13273, "upload_time": "2017-06-13T05:39:45", "url": "https://files.pythonhosted.org/packages/14/73/a48fc78fa43330f960f85a46a483d86d517bf9949c71f6cebfd937f9f131/synapse_ldap_password_provider-1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "a9829c6c3dc4082c5af69aeb00eafbf0", "sha256": "6002918900d37323f0e4e99e4c68f8f9eaf87a15fe2bfd75385e678ebe9ef26a" }, "downloads": -1, "filename": "synapse_ldap_password_provider-1.tar.gz", "has_sig": false, "md5_digest": "a9829c6c3dc4082c5af69aeb00eafbf0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 13273, "upload_time": "2017-06-13T05:39:45", "url": "https://files.pythonhosted.org/packages/14/73/a48fc78fa43330f960f85a46a483d86d517bf9949c71f6cebfd937f9f131/synapse_ldap_password_provider-1.tar.gz" } ] }