Mediawiki Ldap: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
Zeile 12: | Zeile 12: | ||
*cd WIKIDIR | *cd WIKIDIR | ||
*php maintenance/update.php | *php maintenance/update.php | ||
+ | =Settings= | ||
+ | <pre> | ||
+ | *LocalSettings.php | ||
+ | $wgGroupPermissions['*']['createaccount'] = true; | ||
+ | |||
+ | require_once ('extensions/LdapAuthentication/LdapAuthentication.php'); | ||
+ | require_once ('includes/AuthPlugin.php'); | ||
+ | |||
+ | |||
+ | $wgAuth = new LdapAuthenticationPlugin(); | ||
+ | $wgLDAPDomainNames = array( | ||
+ | 'openldap_conf', | ||
+ | ); | ||
+ | $wgLDAPServerNames = array( | ||
+ | 'openldap_conf' => 'waka.xinux.lan', | ||
+ | ); | ||
+ | |||
+ | $wgLDAPSearchStrings = array( 'openldap_conf' => "uid=USER-NAME,ou=users,dc=linuggs,dc=de", | ||
+ | ); | ||
+ | |||
+ | #$wgLDAPUseLocal = false; | ||
+ | $wgLDAPUseLocal = true; | ||
+ | $wgLDAPEncryptionType = array( | ||
+ | 'openldap_conf' => 'clear', | ||
+ | ); | ||
+ | $wgLDAPPort = array( | ||
+ | 'openldap_conf' => 389, | ||
+ | ); | ||
+ | $wgLDAPProxyAgent = array( | ||
+ | 'openldap_conf' => 'cn=admin,dc=linuggs,dc=de', | ||
+ | ); | ||
+ | $wgLDAPProxyAgentPassword = array( | ||
+ | 'openldap_conf' => 'geheim', | ||
+ | ); | ||
+ | $wgLDAPSearchAttributes = array( | ||
+ | 'openldap_conf' => 'uid' | ||
+ | ); | ||
+ | $wgLDAPBaseDNs = array( | ||
+ | 'openldap_conf' => 'dc=linuggs,dc=de', | ||
+ | ); | ||
+ | # To pull e-mail address from LDAP | ||
+ | $wgLDAPPreferences = array( | ||
+ | 'openldap_conf' => array( 'email' => 'mail') | ||
+ | ); | ||
+ | # Group based restriction | ||
+ | $wgLDAPGroupUseFullDN = array( "openldap_conf"=>false ); | ||
+ | $wgLDAPGroupObjectclass = array( "openldap_conf"=>"posixgroup" ); | ||
+ | $wgLDAPGroupAttribute = array( "openldap_conf"=>"memberuid" ); | ||
+ | $wgLDAPGroupSearchNestedGroups = array( "openldap_conf"=>false ); | ||
+ | $wgLDAPGroupNameAttribute = array( "openldap_conf"=>"cn" ); | ||
+ | $wgLDAPRequiredGroups = array( "openldap_conf"=>array("cn=mediawiki,ou=groups,dc=linuggs,dc=de")); | ||
+ | $wgLDAPLowerCaseUsername = array( | ||
+ | 'openldap_conf' => true, | ||
+ | ); | ||
+ | |||
+ | |||
+ | |||
+ | ## Logging Debug-Information for LDAP | ||
+ | #$wgLDAPDebug = 127; | ||
+ | #$wgShowExceptionDetails = true; //for debugging MediaWiki | ||
+ | #$wgDebugLogGroups["ldap"] = "/tmp/debugldap.log"; | ||
+ | </pre> |
Version vom 6. Februar 2018, 10:41 Uhr
Links
- https://www.mediawiki.org/wiki/Extension:LDAP_Authentication
- https://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Examples
Documentation
Install
- cd WIKIDIR/extensions
- wget https://github.com/wikimedia/mediawiki-extensions-LdapAuthentication/archive/master.tar.gz
- tar -xvzf master.tar.gz
- mv mediawiki-extensions-LdapAuthentication-master LdapAuthentication
Update
- cd WIKIDIR
- php maintenance/update.php
Settings
*LocalSettings.php $wgGroupPermissions['*']['createaccount'] = true; require_once ('extensions/LdapAuthentication/LdapAuthentication.php'); require_once ('includes/AuthPlugin.php'); $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array( 'openldap_conf', ); $wgLDAPServerNames = array( 'openldap_conf' => 'waka.xinux.lan', ); $wgLDAPSearchStrings = array( 'openldap_conf' => "uid=USER-NAME,ou=users,dc=linuggs,dc=de", ); #$wgLDAPUseLocal = false; $wgLDAPUseLocal = true; $wgLDAPEncryptionType = array( 'openldap_conf' => 'clear', ); $wgLDAPPort = array( 'openldap_conf' => 389, ); $wgLDAPProxyAgent = array( 'openldap_conf' => 'cn=admin,dc=linuggs,dc=de', ); $wgLDAPProxyAgentPassword = array( 'openldap_conf' => 'geheim', ); $wgLDAPSearchAttributes = array( 'openldap_conf' => 'uid' ); $wgLDAPBaseDNs = array( 'openldap_conf' => 'dc=linuggs,dc=de', ); # To pull e-mail address from LDAP $wgLDAPPreferences = array( 'openldap_conf' => array( 'email' => 'mail') ); # Group based restriction $wgLDAPGroupUseFullDN = array( "openldap_conf"=>false ); $wgLDAPGroupObjectclass = array( "openldap_conf"=>"posixgroup" ); $wgLDAPGroupAttribute = array( "openldap_conf"=>"memberuid" ); $wgLDAPGroupSearchNestedGroups = array( "openldap_conf"=>false ); $wgLDAPGroupNameAttribute = array( "openldap_conf"=>"cn" ); $wgLDAPRequiredGroups = array( "openldap_conf"=>array("cn=mediawiki,ou=groups,dc=linuggs,dc=de")); $wgLDAPLowerCaseUsername = array( 'openldap_conf' => true, ); ## Logging Debug-Information for LDAP #$wgLDAPDebug = 127; #$wgShowExceptionDetails = true; //for debugging MediaWiki #$wgDebugLogGroups["ldap"] = "/tmp/debugldap.log";