On Wednesday, March 26, 2008 10:56 PM -0700 Walken
<c_to_the_rhyme(a)yahoo.com> wrote:
I have a group of around 100 people, and I would like
to make it so that
they are the only ones who can view and edit the wiki, how can I do this?
Is there a setting where I can review the email addresses of people that
create accounts on the wiki, before they are allowed to view anything
except the homepage or edit anything?
This might be a good subject for the Enterprise list.
I installed the HttpAuthPlugin module and set it to honor existing HTTP
auth. Be sure to look at its Talk page for the list of needed patches to
make it work.
<http://www.mediawiki.org/wiki/Extension:HttpAuth>
I'm using Apache's LDAP auth provider to do the actual login using Active
Directory credentials.
Apache config looks like this (assuming AD domain is ad.example.lan and a
user "apache" exists in AD to search the directory):
<VirtualHost *:80>
ServerAdmin webmaster(a)example.com
ServerName
wiki.example.com
ServerAlias wiki.example.lan
DocumentRoot /srv/wiki
</VirtualHost>
<Directory /srv/wiki/MediaWiki>
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "EXAMPLEWiki"
AuthLDAPURL
"ldap://ad.example.lan:389/CN=Users,DC=ad,DC=example,DC=lan?sAMAccountName?sub?(objectClass=*)"
NONE
AuthLDAPBindDN "CN=apache,CN=Users,DC=ad,DC=example,DC=lan"
AuthLDAPBindPassword apache
require valid-user
</Directory>