[Mediawiki-l] LDAP authentication

Arjun Jacob Thomas Arjun.Jacob at mphasis.com
Fri Jun 24 05:57:23 UTC 2005 

Hi rowan,
	    Thanks for the info. This is what I did.

       Extracted the following files to my wiki folder
       1) authplugin.php
       2) language.php
       3) ldapauthentication.php
	4) specialuserlogin.php
      5) user.php
       6) userlogin.php

    Of the above the only changes I made were to the
lpadauthentication.php 

if ( $wgLDAPUseSSL ) {
                        $serverpre = "ldaps://";
                } else {
                        $serverpre = "ldap://";
                }

    I inserter the IP address of my ldap server into the above code.


Next I pasted the following code into the localsettings.php file ( after
entering the information for domain, server and search string )

require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array(
  "testADdomain","testLDAPdomain"
  );
$wgLDAPServerNames = array(
  "testADdomain"=>"testADserver.example.com",
  "testLDAPdomain"=>"testLDAPserver.example.com
testLDAPserver2.example.com"
  );
$wgLDAPSearchStrings = array(
  "testADdomain"=>"TDOMAIN\\USER-NAME",
  "testLDAPdomain"=>"uid=USER-NAME,ou=people,dc=example,dc=com"
  );
$wgLDAPUseSSL = true; //Recommended!!
$wgLDAPUseLocal = true; //Allow the use of the local database as well as
the LDAP database
$wgMinimalPasswordLength = 1; #If using mediawiki 1.5. Note: 1 is the
minimum, feel free to go higher
//The following are for use in version 0.8+
$wgLDAPAddLDAPUsers = true;  //if true WikiDN and WikiPassword must be
set
$wgLDAPUpdateLDAP = true;  //if true WikiDN and WikiPassword must be set


These last 2 variables I did not feed information into... any idea what
they do? I just want to be able to extract username and password
information of my ldap server to authenticate users , not to allow them
to make changes on the ldap server. 

$wgLDAPWikiDN = "uid=priviledgedUser,ou=people,dc=example,dc=com";
//Please use a user with limited access, NOT your directory manager
$wgLDAPWikiPassword = "{SHA}KqYKj/f81HPTIeAUav2eJt85UUc="; //You are
able to use clear text passwords, but please try not to


After I completed the above mentioned steps I tried accessing the wiki.
Now even my old user name ( on the wiki DB) does not allow me to login.
I get a blank page ).


Would appreciate any help I can get with this.... as you can see I'm
stuck..


Thanks,
AJ




-----Original Message-----
From: mediawiki-l-bounces at Wikimedia.org
[mailto:mediawiki-l-bounces at Wikimedia.org] On Behalf Of Rowan Collins
Sent: Thursday, June 23, 2005 3:53 PM
To: MediaWiki announcements and site admin list
Subject: Re: [Mediawiki-l] LDAP authentication

On 23/06/05, Arjun Jacob Thomas <Arjun.Jacob at mphasis.com> wrote:

> LDAP authentication in our company. How can I moderate access to the
> Wiki using accounts that exist on the LDAP server?

See http://meta.wikimedia.org/wiki/LDAP_Authentication

-- 
Rowan Collins BSc
[IMSoP]
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l at Wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l

More information about the MediaWiki-l mailing list