Setting Up LDAP Authentication for Kanboard 🌱

NOTE: This tutorial assumes Kanboard is already installed and running. If it isn't, follow one of these tutorials to install it
Linux: https://youtu.be/
Windows: https://youtu.be/on_8FD3DRKk

What is Kanboard?

Kanboard is project management software that focuses on the Kanban methodology. -https://github.com/kanboard/kanboard

Active Directory Setup

  1. Open Active Directory Users and Computers
  2. Expand the domain > Users
  3. Right Click Users > New > User
  4. Create a read only account to use for LDAP binding

    First Name: Read
    Last Name: Only
    User logon name: readonly_svc

  5. Click Next
  6. Set the user's password and confirm it
  7. Uncheck User must change password on next logon
  8. Check User cannot change password
  9. Check Password never expires > Click Next
  10. Click Finish
  11. Right Click Users > New > Group
  12. Give the group a name (ie DevTeam) and click OK
  13. Right Click the newly created group > Properties
  14. Select the Members tab > Click Add...
  15. Add users that will be allowed access Kanboard
  16. Click OK

Configuring Kanboard for LDAP

  1. Navigate to the PHP install directory in File Explorer
  2. Edit php.ini in a text editor
  3. Find the ldap extension and make sure it is enabled by removing the # at the start of the line

    extension=ldap

  4. Save the changes to php.ini
  5. Restart the Apache HTTPD service
  6. Navigate to the Kanboard installation directory
  7. Edit config.php in a text editor
  8. Edit the following fields to configure the LDAP connection

    define('LDAP_AUTH', true);
    define('LDAP_SERVER', 'ldap://i12bretro.local:389');
    define('LDAP_BIND_TYPE', 'proxy');
    define('LDAP_USERNAME', 'readonly_svc@i12bretro.local');
    define('LDAP_PASSWORD', 'Read0nly!!');
    define('LDAP_USER_BASE_DN', 'CN=Users,DC=i12bretro,DC=local');
    define('LDAP_USER_FILTER', '(&(objectClass=user)(sAMAccountName=%s)(memberof=cn=DevTeam,CN=Users,dc=i12bretro,dc=local))');
    define('LDAP_USER_ATTRIBUTE_USERNAME', 'sAMAccountName');

  9. Save the changes to config.php
  10. Open a browser and navigate to the Kanboard URL
  11. Attempt logging in with a valid LDAP user name and password

Documentation: https://docs.kanboard.org/en/latest/admin_guide/ldap_authentication.html