I'm wondering if anyone has dealt with the problem of wiki usernames no longer being
unique. I'll explain....
In our company, we store usernames in Active Directory and use LDAP for MediaWiki
authentication. This has worked reliably for years. Everyone has email addresses ending in
"(a)company.com".com", and the person with email address "foobar(a)company.com"
automatically gets the MediaWiki username "foobar".
Now, our company has started acquiring other companies, and each one has its own internet
domain (and they don't all use Active Directory, so we are experimenting with Auth0
for multidomain authentication). Suddenly, we can have users named foobar(a)company.com,
foobar(a)anothercompany.com, and foobar(a)thirdcompany.com. If we keep our current solution
for creating usernames, all three of these addresses map to the username
"foobar", and we have A Bad Situation.
Has anyone else encountered this situation? If so, how did you solve it for MediaWiki?
There are several obvious solutions, none of them perfect:
1. Use the entire email address (which is unique) as the MediaWiki username. This affects
all existing accounts as well as new accounts. One side-effect is that some people have
multiple email addresses (me(a)company.com, me(a)anothercompany.com) and these would be
considered different wiki users. That's not a deal-breaker... we can live with it.
2. Somehow map every email address globally to a unique ID, say, with a database table,
and use that ID as the MediaWiki username.
3. Force every domain to use Active Directory, insert a unique ID into some Active
Directory field, and use it as the MediaWiki username. This is not going to happen. We
can't change every company's authentication mechanism.
4. Stop creating usernames automatically, and have users invent their own unique
usernames. Not great in a corporate environment. When usernames don't match real
names, it's inconvenient to locate the real people behind wiki edits.
5. ...?
Any tips appreciated from anyone who has been there before.
Thank you,
DanB