Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:2.1:cli_examples [2019/11/07 14:04]
maxbes [Configure SAML Identity Provider]
documentation:2.1:cli_examples [2020/04/23 16:33] (current)
coudot
Line 3: Line 3:
 This page shows some examples of LL::NG Command Line Interface. See [[configlocation#​command_line_interface_cli|how to use the command]]. This page shows some examples of LL::NG Command Line Interface. See [[configlocation#​command_line_interface_cli|how to use the command]].
  
 +<note important>​On Debian, the command is located in ''/​usr/​share/​lemonldap-ng/​bin''​ and on CentOS in ''/​usr/​libexec/​lemonldap-ng/​bin''​. Adapt the path for the system you are using.</​note>​
 ===== Save/​restore configuration ===== ===== Save/​restore configuration =====
  
Line 16: Line 17:
 /​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli restore - <​config.json /​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli restore - <​config.json
 </​code>​ </​code>​
 +
 +Rollback (restore previous configuration):​
 +
 +<code shell>
 +/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli rollback
 +</​code>​
 +
  
 ===== Configure HTTPS ===== ===== Configure HTTPS =====
Line 196: Line 204:
         ldapGroupAttributeNameUser dn \         ldapGroupAttributeNameUser dn \
         ldapGroupRecursive 1         ldapGroupRecursive 1
 +</​code>​
 +
 +===== Configure CAS Identity Provider =====
 +
 +You just have to enable the CAS server feature, and you can set the access control policy (see [[idpcas#​configuring_the_cas_service|CAS service options]]):
 +<​code>​
 +/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli -yes 1 \
 +    set \
 +        issuerDBCASActivation 1 \
 +        casAccessControlPolicy error
 +</​code>​
 +
 +===== Register a CAS application =====
 +
 +This is only required if your access control policy is not ''​none''​.
 +
 +In this example we have:
 +  * App configuration key: testapp
 +  * App service URL: https://​testapp.example.com/​
 +  * App exported attribute: mail and cn
 +
 +<​code>​
 +/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli -yes 1 \
 +    addKey \
 +        casAppMetaDataExportedVars/​testapp mail mail \
 +        casAppMetaDataExportedVars/​testapp cn cn
 +        casAppMetaDataOptions/​testapp casAppMetaDataOptionsService '​https://​testapp.example.com/'​
 </​code>​ </​code>​