Hello all,
we have developed a patch to make group synchronization work.
Please have a look at the attached patch or see
http://www.mediawiki.org/wiki/Extension_talk:LDAP_Authentication#Group_Sync…
Regards,
Bjoern
--- LdapAuthentication.php-orig 2007-03-08 13:37:22.070548000 +0100
+++ LdapAuthentication.php 2007-04-05 19:00:56.267368111 +0200
@@ -1237,6 +1237,8 @@
foreach ($info as $i) {
$mem = strtolower($i['dn']);
$shortnamemem = strtolower($i[$nameattribute][0]);
+ //removing bogus AD groups with SSIDs or such in curly brackets behind name
+ if (strstr($mem, '{')) continue;
array_push($groups,$mem);
array_push($shortnamegroups,$shortnamemem);
@@ -1290,7 +1292,7 @@
$this->printDebug("Pulling groups from LDAP.",1);
# add groups permissions
- $localAvailGrps = $user->getAllGroups();
+ $localAvailGrps = array_merge($user->getAllGroups(), $this->allLDAPGroups);
$localUserGrps = $user->getEffectiveGroups();
$this->printDebug("Available groups are: " . implode(",",$localAvailGrps) . "",1);
Am I right, that LdapAuthentication.php at present does not offer a
single_sign-on access but "only" the security of authentication, so that
only authorized people have access to the company's wiki?
Thanks,
Hanfred