Allows synapse to use LDAP as a password provider.
This allows users to log in to synapse with their username and password from an LDAP server. There is also mxisd (https://github.com/kamax-io/mxisd) (3rd party) that offers more fully-featured integration.
- Via deb package python-matrix-synapse-ldap3 available in the same repo as the synapse package
- Via python's package manager: pip install matrix-synapse-ldap3
Example synapse config:
password_providers:
- module: "ldap_auth_provider.LdapAuthProvider"
config:
enabled: true
uri: "ldap://ldap.example.com:389"
start_tls: true
base: "ou=users,dc=example,dc=com"
attributes:
uid: "cn"
mail: "email"
name: "givenName"
#bind_dn:
#bind_password:
#filter: "(objectClass=posixAccount)"
matrix-synapse-ldap3
logging is included in the Synapse homeserver log
(typically homeserver.log
). The LDAP plugin log level can be increased to
DEBUG
for troubleshooting and debugging by making the following modifications
to your Synapse server's logging configuration file:
- Set the value for handlers.file.level to DEBUG:
handlers:
file:
# [...]
level: DEBUG
- Add the following to the loggers section:
loggers:
# [...]
ldap3:
level: DEBUG
ldap_auth_provider:
level: DEBUG
Finally, restart your Synapse server for the changes to take effect:
synctl restart