Cool Solution - Install Redmine and setup ldap authentication

cool-solution
ucs-4-3
ucs-4-4

#1

This article will explain, how to setup Redmine with ldap authentication in UCS 4.4. The Ruby on Rails version of UCS 4.4 is not suitable for a native Installation of Redmine as it has been the case for UCS 4.0. Therefore this cool solution will be based on the instrutions on Docker Hub and install Redmine based on two standard Docker container.

Running Redmine on a Docker container with a database server

For multi-user production it is recommended to run Redmine with a database server.

First the PostgreSQL database container is started on the command line by

docker run -d --name some-postgres --restart=always -e POSTGRES_PASSWORD=<password> -e POSTGRES_USER=redmine postgres

Please make sure to replace with your own password for the PostgreSQL database. The –name option assigns the name “some-postgres” to your Docker container. When this option isn’t set, a random string “name” will be generate instead. Setting the –restart option to “always” guarantees an automatic restart when UCS is booted.

Then Redmine can be started for instance on port 3000 by

docker run -p 3000:3000 -d --name some-redmine --restart=always --link some-postgres:postgres redmine

A network connection via port 3000 is not encrypted. For an encrypted connection, you will have to change the configuration of your webserver to make a connection via port 443.

Now you can find redmine at either: localhost:3000, your-ip:3000 or your-FQDN:3000. You can login with username=admin and password=admin. Next you will be asked to create a new password, follow the instructions and confirm by clicking Apply.

Configuration of redmine

Create a simple authentication account

To set up an LDAP authentication for Redmine you first need to set up an simple authentication account by using the UMC. Here you can follow the steps of the corresponding cool solution. After having created your account, you can get the DN of it by running

udm users/ldap list --filter name=<name of the account> | grep DN

on the command line.

Configuration of redmine for ldap authentication

Go to redmine (again with localhost:3000, your-ip:3000 or your-FQDN:3000) and login with admin and your password. Go to administration -> LDAP authentication. Create a new authentication mode with the following settings.

Name = My Directory
Host = master.domain.org (get with: ‘‘hostname -f’’)
Port = 7636
Mode = LDAPS (optional: without certificate check)
Account = <DN of the authentication account>
Password = <password of the authentication account>
Base DN = DC=host,DC=domain,DC=org (get with: ‘‘ucr get ldap/base’’)
On-the-fly user creation = yes

Attributes

Login = uid
Firstname = givenName
Lastname = sn
Email = mailPrimaryAddress

By checking on-the-fly user creation, any LDAP user will have his redmine account automatically created the first time he logs into redmine. For that, you have to specify the LDAP attributes name (firstname, lastname, email) that will be used to create their redmine accounts. See RedmineLDAP for further information. After saving the settings, you can test the connection by clicking on Test next to your newly created authentication mode.

Note: When creating a redmine user in UCS, the email address goes in the Contact tab of the User creation form.
User data will be retrieved the first time the user logs in. Changes in UCS do not get automatically updated to redmine DB.

Further links