[Mediawiki-l] Mediawiki 1.5 and LDAP Authentication
Christopher Chan
teamspike at spikesource.com
Thu Oct 13 18:38:02 UTC 2005
> Has anyone gotten this to work? What process did you use? It would be
> nice to have a simple step by step process. Or is this simply trial
> and error at this point?
>
Hi Batti,
I was able to get LDAP authentication to work (with some effort).
First, make sure that the you can authenticate from PHP to LDAP without any
problems (independent of mediawiki). I wrote this small php program to do
that. Just put in the proper values for the username, password, the dn, and
the ldap server. Save the text to a file 'php_ldap.php', the run it calling
'php ldap_test.php'
<?php
// using ldap bind
// ldap rdn or dn
$username = 'some_user';
$ldaprdn = 'uid=some_user,ou=Organization,dc=company,dc=com';
$ldappass = 'some_password'; // associated password
// connect to ldap server
$ldapconn = ldap_connect("ldap-host")
or die("Could not connect to LDAP server.");
if ($ldapconn) {
ldap_set_option( $ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
// binding to ldap server
$ldapbind = @ldap_bind($ldapconn, $ldaprdn, $ldappass);
// verify binding
if ($ldapbind) {
echo "LDAP bind successful...\n";
} else {
echo "LDAP bind failed with ".ldap_error($ldapconn)."...\n";
}
}
?>
If that works, make sure the $wgLDAPSearchStrings has the exact distinguish
name used in the test above. The current implementation only binds to the
exact node in LDAP expecting to find 'userPassword' attribute that ldap_bind()
uses to authenticate.
If you are still having problems, kindly paste your LocalSettings.php for
LDAP, and I'll see if I can help more.
--
Christopher Chan
SpikeSource, Inc.
cchan at spikesource.com
http://developer.spikesource.com
More information about the MediaWiki-l
mailing list