This article will explain, how to setup Redmine with ldap authentication in UCS 4.4. The Ruby on Rails version of UCS 4.4 is not suitable for a native Installation of Redmine as it has been the case for UCS 4.0. Therefore this cool solution will be based on the instrutions on Docker Hub and install Redmine based on two standard Docker container.
Running Redmine on a Docker container with a database server
For multi-user production it is recommended to run Redmine with a database server.
First the PostgreSQL database container is started on the command line by
docker run -d --name some-postgres --restart=always -e POSTGRES_PASSWORD=<password> -e POSTGRES_USER=redmine postgres
Please make sure to replace with your own password for the PostgreSQL database. The –name option assigns the name “some-postgres” to your Docker container. When this option isn’t set, a random string “name” will be generate instead. Setting the –restart option to “always” guarantees an automatic restart when UCS is booted.
Then Redmine can be started for instance on port 3000 by
docker run -p 3000:3000 -d --name some-redmine --restart=always --link some-postgres:postgres redmine
A network connection via port 3000 is not encrypted. For an encrypted connection, you will have to change the configuration of your webserver to make a connection via port 443.
Now you can find redmine at either: localhost:3000, your-ip:3000 or your-FQDN:3000. You can login with username=admin and password=admin. Next you will be asked to create a new password, follow the instructions and confirm by clicking Apply.
Configuration of redmine
Create a simple authentication account
To set up an LDAP authentication for Redmine you first need to set up an simple authentication account by using the UMC. Here you can follow the steps of the corresponding cool solution. After having created your account, you can get the DN of it by running
udm users/ldap list --filter name=<name of the account> | grep DN
on the command line.
Configuration of redmine for ldap authentication
Go to redmine (again with localhost:3000, your-ip:3000 or your-FQDN:3000) and login with admin and your password. Go to administration -> LDAP authentication. Create a new authentication mode with the following settings.
Name =
My Directory
Host =master.domain.org(get with: ‘‘hostname -f’’)
Port =7636
Mode =LDAPS (optional: without certificate check)
Account =<DN of the authentication account>
Password =<password of the authentication account>
Base DN =DC=host,DC=domain,DC=org(get with: ‘‘ucr get ldap/base’’)
On-the-fly user creation =yes
Attributes
Login =
uid
Firstname =givenName
Lastname =sn
Email =mailPrimaryAddress
By checking on-the-fly user creation, any LDAP user will have his redmine account automatically created the first time he logs into redmine. For that, you have to specify the LDAP attributes name (firstname, lastname, email) that will be used to create their redmine accounts. See RedmineLDAP for further information. After saving the settings, you can test the connection by clicking on Test next to your newly created authentication mode.
Note: When creating a redmine user in UCS, the email address goes in the Contact tab of the User creation form.
User data will be retrieved the first time the user logs in. Changes in UCS do not get automatically updated to redmine DB.