[Mediawiki-l] Kerberos? (Re: Single-Login with Woltlab Burbing Board (Wbb)?
Peter Laws
plaws at ou.edu
Wed Aug 15 20:15:11 UTC 2007
Lane, Ryan wrote:
> http://www.mediawiki.org/wiki/Category:Authentication_and_Login
So the SSO hack we've been using on RHEL 3 and 4 (busted in RHEL 5!) to
authenticate off of our AD infrastructure is to tell RHEL that the AD stuff
is a Kerberos KDC. Works pretty well - all I need to do is a useradd on
the person's AD login it's maintenance free from there as far as I'm
concerned plus I control just which AD users can get in.
Anyone doing something like this with MW 1.10? I see
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication and that might
do it, but I wasn't the one that came up with the scheme we use and don't
know enough about AD and Kerberos to be able to do any necessary hacking.
I realize that I couldn't control who had an account (like having to do a
useradd on RHEL), but I can probably do something similar via a group in AD.
--
Peter Laws / N5UWY
National Weather Center / Network Operations Center
University of Oklahoma Information Technology
plaws at ou.edu
-----------------------------------------------------------------------------
+ Ranked 10th in PC Magazine's 2007 Top 20 Wired Campuses
+ Computerworld 2006 100 Best Places to Work in IT
-----------------------------------------------------------------------------
More information about the MediaWiki-l
mailing list