MediaWiki-l May 2010

mediawiki-l@lists.wikimedia.org

108 participants
150 discussions

by Ian Diston

Hi I am trying to implement a mediawiki for our organisation, but have hit a problem that I am unable (so far) to remedy. Your online documentation has been an absolute god send. I have an implementation in a Virtual Environment that has no restrictions as far as Firewall or Networking is concerned. Using your documentation as a baseline for the LDAP Plugin I have managed to get authentication working using LDAP when setting $wgLDAPEncryptionType = array('internalwiki' => 'clear');. However, when trying to use SSL I hit a problem. We know that LDAP works on 389 and 636 between the two servers as we have used "LDAP.exe" to connect and bind. At this point I should provide details on our environment: DMZ Server * Windows 2003 R2 32bit * IIS6.0 * fcgisetup_1.5_rtw_x86.msi * mysql-essential-5.1.44-win32.msi * php-5.2.12-nts-win32-installer.msi * MediaWiki 1.15.2 * LDAPAuthentication Plugin 1.2b * Root Certificate installed and trusted on the Server Separate Domain Server * Windows 2003 R2 Active Directory (Root CA) My LDAPAuthentication.php file has the following settings: <?php require_once("$IP/extensions/LdapAuthentication/LdapAuthentication.php"); $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array(' vDomain '); $wgLDAPServerNames = array('vmdomain' => 'vmad.vDomain.local'); $wgLDAPSearchStrings = array('vmdomain' => 'vmDomain\\USER-NAME'); $wgLDAPEncryptionType = array('vmdomain' => 'ssl'); $wgLDAPGroupUseFullDN = array( "vmdomain"=>true ); $wgLDAPBaseDNs = array( "vmdomain"=>"dc=vmDomain,dc=local" ); $wgLDAPSearchAttributes = array( "vmdomain" => "sAMAccountName"); $wgLDAPGroupObjectclass = array( "vmdomain"=>"group" ); $wgLDAPGroupAttribute = array( "vmdomain"=>"member" ); $wgLDAPGroupNameAttribute = array( "vmdomain"=>"cn" ); $wgLDAPRequiredGroups = array( "vmdomain"=>array("cn=wiki users,ou=application security groups,ou=security,ou=groups,dc=vDomain,dc=local") ); # Enable the "local" option on the login page. Enabled initially so we can use the WikiSysop user. Set to false to remove. $wgLDAPUseLocal = true; $wgMinimalPasswordLength = 1; # Debug options - uncomment to enable detailed debugging $wgDebugLogGroups["ldap"] = "D:\Logfile\LDAP.log"; $wgLDAPDebug = 6; ?> These are the results that I get when I try and authenticate. Clear 2010-05-12 04:08:17 mediawiki: Entering validDomain 2010-05-12 04:08:17 mediawiki: User is using a valid domain. 2010-05-12 04:08:17 mediawiki: Setting domain as: vDomain 2010-05-12 04:08:17 mediawiki: Entering getCanonicalName 2010-05-12 04:08:17 mediawiki: Username isn't empty. 2010-05-12 04:08:17 mediawiki: Munged username: Aadams 2010-05-12 04:08:17 mediawiki: Entering authenticate 2010-05-12 04:08:17 mediawiki: 2010-05-12 04:08:17 mediawiki: Entering Connect 2010-05-12 04:08:17 mediawiki: Using TLS or not using encryption. 2010-05-12 04:08:17 mediawiki: Using servers: ldap://vmad.vDomain.local 2010-05-12 04:08:17 mediawiki: Connected successfully 2010-05-12 04:08:17 mediawiki: Entering getSearchString 2010-05-12 04:08:17 mediawiki: Doing a straight bind 2010-05-12 04:08:17 mediawiki: userdn is: vDomain\Aadams 2010-05-12 04:08:17 mediawiki: 2010-05-12 04:08:17 mediawiki: Binding as the user 2010-05-12 04:08:17 mediawiki: Bound successfully 2010-05-12 04:08:17 mediawiki: Entering getUserDN 2010-05-12 04:08:17 mediawiki: Created a regular filter: (sAMAccountName=Aadams) 2010-05-12 04:08:17 mediawiki: Entering getBaseDN 2010-05-12 04:08:17 mediawiki: basedn is not set for this type of entry, trying to get the default basedn. 2010-05-12 04:08:17 mediawiki: Entering getBaseDN 2010-05-12 04:08:17 mediawiki: basedn is dc=vDomain,dc=local 2010-05-12 04:08:17 mediawiki: Using base: dc=vDomain,dc=local 2010-05-12 04:08:17 mediawiki: Fetched username is not a string (check your hook code...). This message can be safely ignored if you do not have the SetUsernameAttributeFromLDAP hook defined. 2010-05-12 04:08:17 mediawiki: Pulled the user's DN: CN=aadams,OU=External,DC=vDomain,DC=local 2010-05-12 04:08:17 mediawiki: Entering getGroups 2010-05-12 04:08:17 mediawiki: Retrieving LDAP group membership 2010-05-12 04:08:17 mediawiki: Searching for the groups 2010-05-12 04:08:17 mediawiki: Entering searchGroups 2010-05-12 04:08:17 mediawiki: Entering getBaseDN 2010-05-12 04:08:17 mediawiki: basedn is not set for this type of entry, trying to get the default basedn. 2010-05-12 04:08:17 mediawiki: Entering getBaseDN 2010-05-12 04:08:17 mediawiki: basedn is dc=vDomain,dc=local 2010-05-12 04:08:17 mediawiki: Search string: (&(member=CN=aadams,OU=External,DC=vDomain,DC=local)(objectclass=group)) 2010-05-12 04:08:17 mediawiki: Returned groups: cn=Appl-sec,ou=citrix security groups,ou=security,ou=groups,dc=vDomain,dc=local::cn=wiki users,ou=application security groups,ou=security,ou=groups,dc=vDomain,dc=local 2010-05-12 04:08:17 mediawiki: Entering checkGroups 2010-05-12 04:08:17 mediawiki: Checking for (new style) group membership 2010-05-12 04:08:17 mediawiki: Required groups: cn=wiki users,ou=application security groups,ou=security,ou=groups,dc=vDomain,dc=local 2010-05-12 04:08:17 mediawiki: Checking against: cn=Appl-sec,ou=citrix security groups,ou=security,ou=groups,dc=vDomain,dc=local 2010-05-12 04:08:17 mediawiki: Checking against: cn=wiki users,ou=application security groups,ou=security,ou=groups,dc=vDomain,dc=local 2010-05-12 04:08:17 mediawiki: Found user in a group. 2010-05-12 04:08:17 mediawiki: Entering getPreferences 2010-05-12 04:08:17 mediawiki: Entering synchUsername 2010-05-12 04:08:17 mediawiki: Authentication passed 2010-05-12 04:08:17 mediawiki: Entering updateUser SSL 2010-05-12 04:09:42 mediawiki: Entering validDomain 2010-05-12 04:09:42 mediawiki: User is not using a valid domain. 2010-05-12 04:09:42 mediawiki: Setting domain as: invaliddomain 2010-05-12 04:09:42 mediawiki: Entering allowPasswordChange 2010-05-12 04:09:42 mediawiki: Entering modifyUITemplate 2010-05-12 04:09:42 mediawiki: Allowing the local domain, adding it to the list. 2010-05-12 04:09:47 mediawiki: Entering validDomain 2010-05-12 04:09:47 mediawiki: User is using a valid domain. 2010-05-12 04:09:47 mediawiki: Setting domain as: vDomain 2010-05-12 04:09:47 mediawiki: Entering getCanonicalName 2010-05-12 04:09:47 mediawiki: Username isn't empty. 2010-05-12 04:09:47 mediawiki: Munged username: Aadams 2010-05-12 04:09:47 mediawiki: Entering authenticate 2010-05-12 04:09:47 mediawiki: 2010-05-12 04:09:47 mediawiki: Entering Connect 2010-05-12 04:09:47 mediawiki: Using SSL 2010-05-12 04:09:47 mediawiki: Using servers: ldaps://vmAD.vDomain.local 2010-05-12 04:09:47 mediawiki: Connected successfully 2010-05-12 04:09:47 mediawiki: Entering getSearchString 2010-05-12 04:09:47 mediawiki: Doing a straight bind 2010-05-12 04:09:47 mediawiki: userdn is: vDomain\Aadams002 2010-05-12 04:09:47 mediawiki: 2010-05-12 04:09:47 mediawiki: Binding as the user 2010-05-12 04:09:47 mediawiki: Failed to bind as vDomain\Aadams 2010-05-12 04:09:47 mediawiki: Entering strict. 2010-05-12 04:09:47 mediawiki: Returning false in strict(). 2010-05-12 04:09:47 mediawiki: Entering allowPasswordChange 2010-05-12 04:09:47 mediawiki: Entering modifyUITemplate 2010-05-12 04:09:47 mediawiki: Allowing the local domain, adding it to the list. Any help that you can provide would be greatly appreciated Ian Diston idiston(a)linz.govt.nz ______________________________________________________________________________________________________ This message contains information, which is confidential and may be subject to legal privilege. If you are not the intended recipient, you must not peruse, use, disseminate, distribute or copy this message. If you have received this message in error, please notify us immediately (Phone 0800 665 463 or info(a)linz.govt.nz) and destroy the original message. LINZ accepts no responsibility for changes to this email, or for any attachments, after its transmission from LINZ. Thank you. ______________________________________________________________________________________________________

13 years, 11 months

state of developing tests for MW

by dan nessett

Would someone be willing to comment on what activity currently exists on creating tests for the MW software? I notice the "t" directory no longer exists and the "tests" directory had been moved to maintenance. Furthermore, there appears to be more tests in the "tests" directory than there was 9-12 months ago. Is that an indication that someone is working on test development? Thanks, Dan Nessett

13 years, 11 months

Wikia

by Bobby S

Do you know of a list that would be a good place to discuss this?

13 years, 11 months

oddball template issue

by MK

I have a template with this in it: '''{{{foo}}}''' So foo should be bold. If foo has no value, guess what appears? ' <--------- -- MK <halfcountplus(a)intergate.com>

13 years, 11 months

Re: [Mediawiki-l] Error al subir archivos.

by Desarrolladores Uifce

Saludos, Agradecemos mucho la ayuda prestada por *Platonides*, Efectivamente, en *upload_tmp_dir* de *php.ini* no estaba ningun directorio predeterminado, asi que agregamos uno de nuestra conveniencia y todo perfecto. Muchas gracias Message: 4 Date: Tue, 11 May 2010 23:28:12 +0200 From: Platonides <Platonides(a)gmail.com> Subject: Re: [Mediawiki-l] Error al subir archivos. To: mediawiki-l(a)lists.wikimedia.org Message-ID: <hsci3f$ara$1(a)dough.gmane.org> Content-Type: text/plain; charset=ISO-8859-1 El 11/05/10 18:54, Desarrolladores Uifce escribi?: > Saludos comunidad Mediawiki, > > Estamos implementando Mediawiki, pero cuando lo montamos en el servidor, > hasta ahora todo funciona correctamente, con excepcion de que no se puede > subir archivos, el mensaje que nos sale es el siguiente: > > Titulo de la p?gina: Error interno > > Mensaje: > > No se pudo encontrar el archivo "C:\WINDOWS\Temp\php3E.tmp". > > A quien nos pueda colaborar con esto le quedar?amos muy agradecidos. > > Gracias, > > Desarrolladores UIFCE (Wiki gives Internal error, "C:\WINDOWS\Temp\php3E.tmp" not found on upload) Parece un problema al subir archivos con PHP. ?El servidor web / usuario bajo el que corre php tiene permisos de escritura en C:\WINDOWS\Temp\? (pod?is cambiar la carpeta a la que sube los ficheros en php.ini) ?Os funciona la subida de archivos desde un php b?sico?

13 years, 11 months

Can I customize my mediawiki to restrict account-creation to people with our school's email address?

by Andrew Gradman

Hello Mediawiki list, I posted this question *in more detail at the Wikipedia Reference Desk*<http://en.wikipedia.org/wiki/Wikipedia:Reference_desk/Computing#Can_I_custo…>, and the answerer suggested I forward it here. If this is not the right place to ask this question, please let me know where to go next? Here is what I posted at the reference desk: *I'm on the student senate at my school, and we want to customize our > mediawiki install so it only lets someone create an account (i.e. edit) if > their email address ends in @[school_name].edu. We also want to force their > username to be the [first].[last]@ from their email address. Later, we might > expand this to more schools, so we would want the flexibility to add other > @[school_name].edu's to have the ability to create accounts.* > > *Question 1: Is that possible?* > *Question 2: Howso? Thanks! * > Thanks! Andrew

13 years, 11 months

Move files from one wiki to an other

by T4b

I'm currently transforming a single language wiki into a multilingual wiki and I need the files which were already uploaded in the single language wiki in the pool wiki. Any suggestions on how to do that?

13 years, 11 months

Wikia

by Bobby S

Perhaps this isn't the forum for this, but I wanted to pose it to you all anyway to spark some debate and discussion. I understand this may not be popular with some... Why isn't Wikimedia or some other non-profit organization creating the "library" as Jimmy Wales likes to describe Wikia? Aren't the sites on Wikia knowledge and information just like Wikimedia's sites?...while you could argue that Wikimedia's sites are more easily classified as educational, the sites on Wikia do have information that educates on specific topics. Why then should we let a commercial company control the "library" instead of a non-profit? I understand some will argue that the fact that Wikia is copyleft means they are the good guy in the fight, but I would argue that they have no skin in the game to make their content easily accessible for other purposes and make their content easily digested without a bevy of ads in order to pay for the servers. Wondering what your thoughts are on this topic. Bobby

13 years, 11 months

Readable Recent Changes

by Adam Meyer

I have a really hard time reading recent changes easily. It is just very chaotic. I wanted to make it more readable, and was sad to see that a lot of what was needed to just apply some css to make it readable was missing. I was wondering if there is an extension to do this. Right now, I had to make some minor changes to changesList.php to do this. This is what I wanted as a final result http://wiki.bildr.org/index.php/Special:RecentChanges But it would be nice if I didnt have to edit changesList.php to do so.

13 years, 11 months

differentiating pages within a Wiki

by Boris Epstein

Hello listmates, Just wodnering if it is possible to set a Wiki in such a way that some selected pages (like the login page, for instance) could only be accessed via the secure interface (HTTPS)? Thanks, Boris.

13 years, 11 months

← Newer
1
...
8
9
10
11
12
13
14
15
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

MediaWiki-l May 2010