What are Cool Solutions?
At Univention we define Cool Solutions as solutions which expand UCSs with expedient and useful functions and which are deployed successfully by our customers. We regularly present these solutions in Wiki as Cool Solutions articles.
The Univention blog is a collection of the most popular Cool Solutions. Today, we will be looking at Redmine, a free project management software which we have been using in professional services for many years for internal administration and to coordinate customer projects.
What is Redmine?
Redmine is a free project management software written in Ruby. Redmine allows you to organize project tasks, break down projects into sub-projects and allocate the tasks to be processed to Redmine users.
It includes the following features:
- Project planning and management
- Issue tracking system
- Wiki and discussion forum
- Repository and access to version control systems
- Authorization system
- News and messaging system
Redmine can be compared with the Python tool Trac, although the focus here is less on software development and more on project work.
Unlike Trac, Redmine has been designed to work with several version control systems:
- Subversion (SVN)
When a control system is activated, Redmine recognizes whether this is installed and available on the system and automatically handles integration.
How is Redmine installed?
You can either install Redmine through the local package manager and get automatic updates or install Redmine manually on the system. For this you can, for example, use a tutorial that explains how Redmine is installed on Debian 9. As UCS is also based on Debian 9, the manual is easily applicable.
How do I configure Redmine?
Redmine is configured directly in the web browser. To this end, you need to log into Redmine using an account with administration rights. The menu item Administration is additionally available to users with such rights.
In this blog article, I am only going to be looking at LDAP configuration. For more detailed documentation go to the Redmine project web page.
A new LDAP connection can be saved via administration in the “LDAP authentication” area with the button New Authentication Mode.
The mandatory fields are marked with an asterisk:
- Base DN
- Member name attribute
Any name can be entered in the Name field for the LDAP connection. In the Host field, the FQDN of the LDAP server must be entered. In the Port field, the corresponding LDAP port must be entered, with UCS this is “7389”. The Base-DN field requires the LDAP base. This can be determined on the command line with the comman
ucr get ldap/base
Alternatively, this information can be called up from the license information in the UMC (via User menu → License→ License information). If the LDAP permits an anonymous search (without authentication), users can now login if they already exist in the Redmine database.
If the LDAP cannot be searched anonymously (standard in the UCS), a user must be additionally specified for searching in the LDAP. The fields
are to be filled in accordingly for this. The user’s DN with which the LDAP search is to be conducted, must be entered in the Account file. The DN for a user can be determined by entering the following command in the command line:
univention-ldapsearch -LLL uid=searchuser dn
The Password field requires the user’s password. It is recommended to create a separate user for searching in the LDAP. For more details on this, refer to the Univention Wiki article Cool Solution – LDAP search user.
The other fields
- Time-out (in seconds)
- On-the-fly user creation
are optional. In the field LDAP Filter it can be specified using the filter that, for example, only users with an e-mail address can log into Redmine or that the user must be linked to a certain object class. The field Time-out (in seconds) allows you to set how long login via the LDAP should be attempted before aborting. The last field On-the-fly user creation controls whether a user, assuming it does not yet exist, is to be created in Redmine.
Information from the LDAP can be transferred to Redmine via the four fields in the following “Attributes” table. The specific LDAP attribute must be stated from which the information from the LDAP should be read out. The field Member Name Attribute is mandatory and must be assigned the user name as the LDAP attribute, with UCS this is “uid”. The Firstname attribute field can contain the LDAP attribute for the firstname, with UCS, this is “givenName”. In the Name attribute field, the LDAP attribute for the last name can be entered, with UCS this is “sn”. The LDAP attribute can be entered in the field Email attribute which contains an e-mail address. With UCS, the LDAP attributes
can be used. These three optional attributes are only entered for user creation and can be subsequently changed by the user in the user settings.
The configuration is then saved and login to Redmine with the domain user is possible. The respective user name (LDAP attribute “uid”) is used as the login name together with the relevant password. When logging in for the first time, if the field On-the-fly user creation was activated, then the user is created in Redmine. A password, however, is never saved in the Redmine database since users are always authenticated using the UCS LDAP.