For some WIKIs that are running in our Intranet, I
need to
authenticate our users using LDAP and the following two WIKI
groups: Readers (testgroup) and Writers (testgroup2).
Anonymous should not be able to read the WIKI pages.
my problem is, that using the syntax:
$wgLDAPRequiredGroups = array(
"testLDAPdomain"=>array(
"cn=testgroup,ou=groups,dc=LDAP,dc=example,dc=com",
"cn=testgroup2,ou=groups,dc=LDAP,dc=example,dc=com"
),
I cannot define different rights for users in the testgroup
than the users in the testgroup2 have. This mean, if a user
is in one of each two groups, he will always get the Writers access.
Can you please explain how I can define two groups, with
different rights (Readers & Writers)?
This is only part of what you want...
You are limiting login to these specific groups, but you also need to
synchronize your security groups. See:
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Group_based_
restrictions_.28NEW.29
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Group_synchr
onization
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Syncronizing
_LDAP_groups_with_MediaWiki_security_groups
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Group_based_
login_restriction_configuration_options
You'll also need to setup your MediaWiki groups as well:
http://www.mediawiki.org/wiki/Manual:User_rights
http://www.mediawiki.org/wiki/Manual:User_rights_management
http://www.mediawiki.org/wiki/Manual:Preventing_access
V/r,
Ryan Lane