Thanks, Rob. I will give it a try.
______________________________________________________________________________________________ Daniel E. White daniel.e.wh...@nasa.gov<mailto:daniel.e.wh...@nasa.gov> NICS Linux Engineer NASA Goddard Space Flight Center 8800 Greenbelt Road Building 14, Room E175 Greenbelt, MD 20771 Office: (301) 286-6919 Mobile: (240) 513-5290 From: Rob Crittenden <rcrit...@redhat.com> Date: Thursday, February 6, 2020 at 15:31 To: FreeIPA users list <freeipa-users@lists.fedorahosted.org> Cc: Daniel White <daniel.e.wh...@nasa.gov> Subject: [EXTERNAL] Re: [Freeipa-users] MediaWiki and FreeIPA ? White, Daniel E. (GSFC-770.0)[NICS] via FreeIPA-users wrote: I have been trying various LDAP extensions without success. Most Google-able information is years old. Anyone use this : https://urldefense.proofpoint.com/v2/url?u=https-3A__www.freeipa.org_page_Setting-5Fup-5FMediaWiki-5Fto-5Frun-5Fagainst-5FFreeIPA&d=DwIFaQ&c=ApwzowJNAKKw3xye91w7BE1XMRKi2LN9kiMk5Csz9Zk&r=ef_FKlWa7jWGmQqTrjkcoDY1VuVtcI_10ClISjA3_V8&m=hu5uWr2zwOQwb51GVBe19l4qDrQjEsDL1lpWolli8Zo&s=d3Z6CNAqieggQRWlRY-AS5gUXKOx0q2vx-x1EXVsTac&e= ? My first foray into the Kerberos world eons ago was to Kerberize a MW server and I used a similar method as described in the user-contributed article. I didn't end up adding in any LDAP integration but setting up auto-creation of a MW user was pretty straightforward IIRC. For my simple use case IIRC I just stripped the username off the principal and used that (similar to $wgAuthRemoteuserDomain). That won't work for AD users as you could have conflicts. Honestly for me the hardest part was setting up a KDC with LDAP integration (3 full days IIRC) in the pre-IPA days. rob
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org