Ryan -
Rock on.
And great work on the extension, it's a wonderful addition to our arsenal of tools. :-)
- sf
Lane, Ryan wrote:
As it stands, everyone user in my LDAP schema that falls under the following dn: is authorized to login,
ou=staff,dc=domain,dc=com
Now where the complexity comes in, is I need to add a contractor to my directory. This contractor should only have access to mediawiki and nothing else which LDAP authorizes users to access such as UNIX logins or other web applications. I do know I can use $wgLDAPUseLocal to allow local logins, but I'd like to avoid keeping authorization local to the wiki.
Add the user to LDAP, but don't add the posixAccount and/or shadowAccount objectclasses; or, add the user to another OU (something no other services use), and make another domain for the LDAP plugin, pointing to this other OU.
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
!DSPAM:1020,4638d12b662441815010600!