Extension:LDAP Authentication/Requirements
From MediaWiki.org
About - Requirements - Configuration - Options - Changelog - Roadmap - Suggestions - User provided info - FAQ - Support
 Release status: stable |
|
|---|---|
| Implementation | User identity |
| Description | Provides LDAP authentication, and some authorization functionality for MediaWiki |
| Author(s) | Ryan Lane |
| Last Version | 1.2a (2009-05-06) |
| MediaWiki | 1.6+ |
| License | GPL |
| Download | |
Contents |
[edit] Overview
- MediaWiki 1.6+ for current version of the plugin
- PHP must be compiled with LDAP support for any functionality at all
- PHP must be compiled with SSL support if you wish to authenticate over SSL (highly recommended!)
- Your server must trust the LDAP server's Certificate's Root CA for SSL to work (mostly affects you if you are using self signed certificates)
- The DNS name for your LDAP server must match the name in the LDAP server's certificate for SSL to work
- Smartcard/CAC authentication requires a PEM encoded list of CAs, proxy or anonymous (if allowed) LDAP credentials, and an SSL enabled webserver
- If you would like to use LDAP as a backend for MediaWiki (creating users, changing passwords, etc), you must provide a user who has write permissions to specific user attributes (please only give this user the minimum amount of access that is required)
[edit] Meeting requirements per platform
If you have instructions for any of these sections, don't hesitate to add them.
[edit] Red Hat Enterprise Linux and Fedora
[edit] PHP LDAP support
yum -y install php-ldap
[edit] PHP SSL support
PHP comes with ssl support by default in RHEL and Fedora.
[edit] Certificate trusts
TODO.
[edit] Ubuntu and Debian
[edit] PHP LDAP support
apt-get install -y php5-ldap
[edit] PHP SSL support
TODO.
[edit] Certificate trusts
TODO.
[edit] SUSE
TODO.
[edit] Solaris 10 and OpenSolaris
TODO.
[edit] Windows Server 2003 and 2008
TODO.
