[Mediawiki-l] RES: auth with AD server 2008

Diego Maciel Gomes Wed, 29 Dec 2010 11:51:37 -0800

Hey, I did it works now....

// LDAP integration - 
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication
require_once ( "$IP/extensions/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin();


$wgLDAPDomainNames = array('corp.com');
$wgLDAPServerNames = array('corp.com' => server01 server02');
$wgLDAPEncryptionType = array('corp.com' => 'clear');
$wgLDAPUseLocal = false;
$wgMinimalPasswordLength = 1;
$wgLDAPBaseDNs = array('corp.com' => 'OU=Users,DC=corp,DC=com');
$wgLDAPSearchAttributes = array('corp.com' => 'sAMAccountName');
$wgLDAPGroupDN = "CN=Wiki_Access,OU=Group,DC=corp,DC=com";
$wgLDAPProxyAgent = array('corp.com' => "CN=read_ad,OU=People,DC=corp,DC=com");
$wgLDAPProxyAgentPassword = array('corp.com' => 'password');
$wgLDAPRequireAuthAttribute = array('corp.com' => true);
$wgLDAPAuthAttribute = array('corp.com' => 
'!(userAccountControl:1.2.840.113556.1.4.803:=2)');

With this, I can set members of Wiki_Access group by AD and just members os 
this group can login in the wiki.

Thanks anyway

Diego

________________________________________
De: mediawiki-l-boun...@lists.wikimedia.org 
[mediawiki-l-boun...@lists.wikimedia.org] em nome de Ryan Lane 
[rlan...@gmail.com]
Enviado: quarta-feira, 29 de dezembro de 2010 14:52
Para: MediaWiki announcements and site admin list
Assunto: Re: [Mediawiki-l] auth with AD server 2008

> This is my first post, and I need help to do authenticate mediawiki with my 
> Active Directory.
>
> Windows Server 2008 with AD 2008.
>
> Today, I have the authentication with my ldap samba, but, we are change to 
> Active Directory...
>
> I try this lines in the LocalSettings.conf
>
> // LDAP integration - 
> http://www.mediawiki.org/wiki/Extension:LDAP_Authentication
> require_once( "$IP/extensions/LdapAuthentication.php" );
> $wgAuth = new LdapAuthenticationPlugin();
> $wgLDAPDomainNames = array("corp.com");
> $wgLDAPServerNames =array("corp.com" => "serverAD01 serverAD02");
> $wgLDAPSearchStrings = array("corp.com" => 
> "uid=USER-NAME,ou=MyUsers,dc=corp,dc=com");
> $wgLDAPEncryptionType = array("corp.com" => "ssl");
> $wgMinimalPasswordLength = 1;
> $wgLDAPBaseDNs = array("corp.com" => "ou=MyUsers,dc=corp,dc=com");
> $wgLDAPSearchAttributes = array("corp.com" => "sAMAccountName");
> $wgLDAPProxyAgent =  array("corp.com" => 
> "cn=read_ad,ou=People,dc=corp,dc=com");
> $wgLDAPProxyAgentPassword = array("corp.com" => '$passofreadad.,');
>

Does your AD server have SSL enabled? By default it isn't enabled. If
you do have it enabled, you should check to see if the SSL trust is
ok. You should also enable the debug log, so that you can more easily
find what is breaking.

- Ryan

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l

--
Esta mensagem foi verificada pelo sistema de antivirus e
 acredita-se estar livre de perigo.
-- 
Esta mensagem foi verificada pelo sistema de antivirus e
 acredita-se estar livre de perigo.


_______________________________________________
MediaWiki-l mailing list
MediaWiki-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l

[Mediawiki-l] RES: auth with AD server 2008

Reply via email to