[Mediawiki-l] LDAP Inquiry
Steve Finkelstein
sf at stevefink.net
Wed May 2 18:07:27 UTC 2007
Ryan -
Rock on.
And great work on the extension, it's a wonderful addition to our
arsenal of tools. :-)
- sf
Lane, Ryan wrote:
>> As it stands, everyone user in my LDAP schema that falls
>> under the following dn: is authorized to login,
>>
>> ou=staff,dc=domain,dc=com
>>
>> Now where the complexity comes in, is I need to add a
>> contractor to my directory. This contractor should only have
>> access to mediawiki and nothing else which LDAP authorizes
>> users to access such as UNIX logins or other web
>> applications. I do know I can use $wgLDAPUseLocal to allow
>> local logins, but I'd like to avoid keeping authorization
>> local to the wiki.
>
> Add the user to LDAP, but don't add the posixAccount and/or
> shadowAccount objectclasses; or, add the user to another OU (something
> no other services use), and make another domain for the LDAP plugin,
> pointing to this other OU.
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
> !DSPAM:1020,4638d12b662441815010600!
>
More information about the MediaWiki-l
mailing list