Thread:Extension talk:LDAP Authentication/Automatic Logon to Mediawiki Using IIS/reply (3)

Here's what I did to get my setup working...

LocalSettings.php file
Note: Absent from the config are $wgLDAPProxyAgent and $wgLDAPProxyAgentPassword. You will probably need these. I didn't for some reason, so I omitted them.

Forcing Kerberos Authentication on IIS
Helpful link: http://technet.microsoft.com/en-us/library/cc754628(WS.10).aspx

Important Quote from TechNet: ''The default setting for Windows authentication is Negotiate. This setting means that the client can select the appropriate security support provider. To force NTLM authentication, you must change the value of the  element under the  element in the ApplicationHost.config file.''

I changed my ApplicationHost.config file to look like this:

  

Configuring OpenLDAP client
Read the following link for requesting an SSL certificate for IIS: http://support.microsoft.com/kb/299875

Helpful link: http://www.ashleyknowles.net/2011/07/iis-php-and-ldaps-with-active-directory/

C:\OpenLDAP\sysconf\ldap.conf TLS_REQCERT never TLS_CACERT C:\openldap\sysconf\webcert.crt
 * 1) ldap.conf contains the following

Okay. That's all I can think of at the moment. If I feel I missed anything, I'll update this post.