Hey, I did it works now....
// LDAP integration - http://www.mediawiki.org/wiki/Extension:LDAP_Authentication require_once ( "$IP/extensions/LdapAuthentication.php" ); $wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array('corp.com'); $wgLDAPServerNames = array('corp.com' => server01 server02'); $wgLDAPEncryptionType = array('corp.com' => 'clear'); $wgLDAPUseLocal = false; $wgMinimalPasswordLength = 1; $wgLDAPBaseDNs = array('corp.com' => 'OU=Users,DC=corp,DC=com'); $wgLDAPSearchAttributes = array('corp.com' => 'sAMAccountName'); $wgLDAPGroupDN = "CN=Wiki_Access,OU=Group,DC=corp,DC=com"; $wgLDAPProxyAgent = array('corp.com' => "CN=read_ad,OU=People,DC=corp,DC=com"); $wgLDAPProxyAgentPassword = array('corp.com' => 'password'); $wgLDAPRequireAuthAttribute = array('corp.com' => true); $wgLDAPAuthAttribute = array('corp.com' => '!(userAccountControl:1.2.840.113556.1.4.803:=2)');
With this, I can set members of Wiki_Access group by AD and just members os this group can login in the wiki.
Thanks anyway
Diego
________________________________________ De: mediawiki-l-bounces@lists.wikimedia.org [mediawiki-l-bounces@lists.wikimedia.org] em nome de Ryan Lane [rlane32@gmail.com] Enviado: quarta-feira, 29 de dezembro de 2010 14:52 Para: MediaWiki announcements and site admin list Assunto: Re: [Mediawiki-l] auth with AD server 2008
This is my first post, and I need help to do authenticate mediawiki with my Active Directory.
Windows Server 2008 with AD 2008.
Today, I have the authentication with my ldap samba, but, we are change to Active Directory...
I try this lines in the LocalSettings.conf
// LDAP integration - http://www.mediawiki.org/wiki/Extension:LDAP_Authentication require_once( "$IP/extensions/LdapAuthentication.php" ); $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array("corp.com"); $wgLDAPServerNames =array("corp.com" => "serverAD01 serverAD02"); $wgLDAPSearchStrings = array("corp.com" => "uid=USER-NAME,ou=MyUsers,dc=corp,dc=com"); $wgLDAPEncryptionType = array("corp.com" => "ssl"); $wgMinimalPasswordLength = 1; $wgLDAPBaseDNs = array("corp.com" => "ou=MyUsers,dc=corp,dc=com"); $wgLDAPSearchAttributes = array("corp.com" => "sAMAccountName"); $wgLDAPProxyAgent = array("corp.com" => "cn=read_ad,ou=People,dc=corp,dc=com"); $wgLDAPProxyAgentPassword = array("corp.com" => '$passofreadad.,');
Does your AD server have SSL enabled? By default it isn't enabled. If you do have it enabled, you should check to see if the SSL trust is ok. You should also enable the debug log, so that you can more easily find what is breaking.
- Ryan
_______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
-- Esta mensagem foi verificada pelo sistema de antivirus e acredita-se estar livre de perigo.