Thread:Project:Support desk/Restricting view/edit privledges on a custom namepsace to Administrators && LDAP help

Hello,

I administrate a small wiki for a non-for-profit organization. We have a wiki which is viewable by all of our staff members who can bypass our simple HTTP auth.

I actually have a couple of questions relating to the sign on of MediaWiki.

1) Is there anyway I can use an LDAP database to sign users on to the wiki. For example, I have john.doe@website.org in my LDAP database. Can I use john.doe to sign users onto the wiki, using their LDAP password?

2) Along the same lines, can I use the HTTP auth that is already worked into LDAP to sign people into the wiki, so when they enter their LDAP details in the HTTP auth they are logged into the wiki without having to enter their information twice.

2.5) If #2 is not possible, I can remove the HTTP auth. I pretty much then need to sign people into the wiki using my LDAP database.

3) What schemas would I need in my LDAP database to match the groups of the wiki (Beaurcrats, Admins, Mods, users)?

4) Is there anyway I can restrict the viewing and editing of a certain custom namespace to only a specific set of staff members?

Thanks for any answers to my questions. I apologize if the scope of the topic is too large for the topic at hand.

I am using Mediawiki 1.16.0 on PHP 5.3.2-1ubuntu4.5 (apache2handler) with MySQL 5.1.41-3ubuntu12

Thanks again for any help you can provide me. Jguy 02:23, 13 December 2010 (UTC)