[Mediawiki-l] Active Directory Authentication
jspirko at xorantech.com
Mon Aug 6 18:06:00 UTC 2007
I am looking for a method of authenticating against Active Directory and possibly group permissions. Is this do-able? Does anybody have any experience making MediaWiki authenticate against Microsoft Active Directory? If so does it work well? Will this "deactivate" all ready existing MediaWiki accounts?
I have looked into and tried implementing the LDAP Authentication plugin and I am receiving errors. I am using WAMP (Windows, Apache 2.2.4, MySQL 5.0.45, PHP 5.2.3) and MediaWiki 1.10.1.
I have already done the following:
1. Copied LdapAuthentication.php to /extensions
2. Added the following to LocalSettings.php:
# Active Directory Authentication
require_once( "extensions/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "XORANTECH" );
$wgLDAPServerNames = array( "XORANTECH"=>"dcxoran.xorantech.local" );
$wgLDAPEncryptionType = array( "XORANTECH"=>"ssl" );
$wgLDAPRetrievePrefs = array( "XORANTECH"=>true ); //<- this is how to do it
$wgMinimalPasswordLength = 1;
$wgLDAPSearchStrings = array( "XORANTECH"=>"XORANTECH\\USER-NAME" );
$wgLDAPDebug = 3; //for debugging
$wgShowExceptionDetails = true; //for debugging MediaWiki
3. Copied the following files from the PHP directory to the Windows System directory (C:\%windir%\system32)
4. Uncomment the following lines in php.ini:
5. Created directory C:\OpenLDAP\sysconf and created file named ldap.conf. In this File added "TLS_REQCERT never" in the first line.
When I try logging in using domain username/password I get the following debug:
User is using a valid domain.
Setting domain as: XORANTECH
Username isn't empty.
Munged username: jspirko
Using servers: ldaps://dcxoran.xorantech.local
Then is just stops there with a blank white screen with the above debug info on it. Any ideas??
This message (including any attachments) contains confidential and proprietary
information intended only for the addressee. If you are not the intended recipient,
please notify the sender immediately by responding to this e-mail, and delete
this message and attachments from your system. If you have any questions
about this e-mail please notify the sender immediately. Any unauthorized
disclosure, copying, distribution or reliance on the contents of this information
is strictly prohibited and may constitute a violation of law.
More information about the MediaWiki-l