Mediawiki Ldap: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 12: | Zeile 12: | ||
*cd WIKIDIR | *cd WIKIDIR | ||
*php maintenance/update.php | *php maintenance/update.php | ||
| + | =Settings= | ||
| + | <pre> | ||
| + | *LocalSettings.php | ||
| + | $wgGroupPermissions['*']['createaccount'] = true; | ||
| + | |||
| + | require_once ('extensions/LdapAuthentication/LdapAuthentication.php'); | ||
| + | require_once ('includes/AuthPlugin.php'); | ||
| + | |||
| + | |||
| + | $wgAuth = new LdapAuthenticationPlugin(); | ||
| + | $wgLDAPDomainNames = array( | ||
| + | 'openldap_conf', | ||
| + | ); | ||
| + | $wgLDAPServerNames = array( | ||
| + | 'openldap_conf' => 'waka.xinux.lan', | ||
| + | ); | ||
| + | |||
| + | $wgLDAPSearchStrings = array( 'openldap_conf' => "uid=USER-NAME,ou=users,dc=linuggs,dc=de", | ||
| + | ); | ||
| + | |||
| + | #$wgLDAPUseLocal = false; | ||
| + | $wgLDAPUseLocal = true; | ||
| + | $wgLDAPEncryptionType = array( | ||
| + | 'openldap_conf' => 'clear', | ||
| + | ); | ||
| + | $wgLDAPPort = array( | ||
| + | 'openldap_conf' => 389, | ||
| + | ); | ||
| + | $wgLDAPProxyAgent = array( | ||
| + | 'openldap_conf' => 'cn=admin,dc=linuggs,dc=de', | ||
| + | ); | ||
| + | $wgLDAPProxyAgentPassword = array( | ||
| + | 'openldap_conf' => 'geheim', | ||
| + | ); | ||
| + | $wgLDAPSearchAttributes = array( | ||
| + | 'openldap_conf' => 'uid' | ||
| + | ); | ||
| + | $wgLDAPBaseDNs = array( | ||
| + | 'openldap_conf' => 'dc=linuggs,dc=de', | ||
| + | ); | ||
| + | # To pull e-mail address from LDAP | ||
| + | $wgLDAPPreferences = array( | ||
| + | 'openldap_conf' => array( 'email' => 'mail') | ||
| + | ); | ||
| + | # Group based restriction | ||
| + | $wgLDAPGroupUseFullDN = array( "openldap_conf"=>false ); | ||
| + | $wgLDAPGroupObjectclass = array( "openldap_conf"=>"posixgroup" ); | ||
| + | $wgLDAPGroupAttribute = array( "openldap_conf"=>"memberuid" ); | ||
| + | $wgLDAPGroupSearchNestedGroups = array( "openldap_conf"=>false ); | ||
| + | $wgLDAPGroupNameAttribute = array( "openldap_conf"=>"cn" ); | ||
| + | $wgLDAPRequiredGroups = array( "openldap_conf"=>array("cn=mediawiki,ou=groups,dc=linuggs,dc=de")); | ||
| + | $wgLDAPLowerCaseUsername = array( | ||
| + | 'openldap_conf' => true, | ||
| + | ); | ||
| + | |||
| + | |||
| + | |||
| + | ## Logging Debug-Information for LDAP | ||
| + | #$wgLDAPDebug = 127; | ||
| + | #$wgShowExceptionDetails = true; //for debugging MediaWiki | ||
| + | #$wgDebugLogGroups["ldap"] = "/tmp/debugldap.log"; | ||
| + | </pre> | ||
Version vom 6. Februar 2018, 10:41 Uhr
Links
- https://www.mediawiki.org/wiki/Extension:LDAP_Authentication
- https://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Examples
Documentation
Install
- cd WIKIDIR/extensions
- wget https://github.com/wikimedia/mediawiki-extensions-LdapAuthentication/archive/master.tar.gz
- tar -xvzf master.tar.gz
- mv mediawiki-extensions-LdapAuthentication-master LdapAuthentication
Update
- cd WIKIDIR
- php maintenance/update.php
Settings
*LocalSettings.php
$wgGroupPermissions['*']['createaccount'] = true;
require_once ('extensions/LdapAuthentication/LdapAuthentication.php');
require_once ('includes/AuthPlugin.php');
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array(
'openldap_conf',
);
$wgLDAPServerNames = array(
'openldap_conf' => 'waka.xinux.lan',
);
$wgLDAPSearchStrings = array( 'openldap_conf' => "uid=USER-NAME,ou=users,dc=linuggs,dc=de",
);
#$wgLDAPUseLocal = false;
$wgLDAPUseLocal = true;
$wgLDAPEncryptionType = array(
'openldap_conf' => 'clear',
);
$wgLDAPPort = array(
'openldap_conf' => 389,
);
$wgLDAPProxyAgent = array(
'openldap_conf' => 'cn=admin,dc=linuggs,dc=de',
);
$wgLDAPProxyAgentPassword = array(
'openldap_conf' => 'geheim',
);
$wgLDAPSearchAttributes = array(
'openldap_conf' => 'uid'
);
$wgLDAPBaseDNs = array(
'openldap_conf' => 'dc=linuggs,dc=de',
);
# To pull e-mail address from LDAP
$wgLDAPPreferences = array(
'openldap_conf' => array( 'email' => 'mail')
);
# Group based restriction
$wgLDAPGroupUseFullDN = array( "openldap_conf"=>false );
$wgLDAPGroupObjectclass = array( "openldap_conf"=>"posixgroup" );
$wgLDAPGroupAttribute = array( "openldap_conf"=>"memberuid" );
$wgLDAPGroupSearchNestedGroups = array( "openldap_conf"=>false );
$wgLDAPGroupNameAttribute = array( "openldap_conf"=>"cn" );
$wgLDAPRequiredGroups = array( "openldap_conf"=>array("cn=mediawiki,ou=groups,dc=linuggs,dc=de"));
$wgLDAPLowerCaseUsername = array(
'openldap_conf' => true,
);
## Logging Debug-Information for LDAP
#$wgLDAPDebug = 127;
#$wgShowExceptionDetails = true; //for debugging MediaWiki
#$wgDebugLogGroups["ldap"] = "/tmp/debugldap.log";