Ryan Lane suggested:
1. Use the Kerberos support in the LDAP plugin for
this.
Thanks Ryan. We previously tried a Kerberos auth solution for MediaWiki (Plexcel) but due
to a quirk in our setup, it could not work for us. The quirk is that our userPrincipalName
(
foo.com) does not equal our AD domain (
foo.net), an equivalence assumed at some level
(Kerberos or Plexcel). Additionally the kerberos library did not support a principal type
of KRB5_NT_ENTERPRISE_PRINCIPAL which is Windows specific. At least this is how it was
explained to me. I will take a look at your article.
Thanks,
DanB