Extension talk:Windows NTLM LDAP Auto Auth

group mapping for version 1.12
this works for me but changes does not effect! Insert near line 215.

// Check user is in securty group $securityFlag = false; $i = 0; foreach ($wgWinLDAPGroupMapExternal as $securityGroup) { foreach ($wgWinLDAPGroupMembership as $userGroup) { if ($userGroup == $securityGroup) { $securityFlag = true; +              $dbr = wfGetDB( DB_SLAVE ); +              $user_id = $dbr->selectField( 'user', 'user_id', array( 'user_real_name' => $wgWinLDAPUserReal ), __METHOD__ ); +              $dbw = wfGetDB( DB_MASTER ); +              $dbw->insert( 'user_groups', array( 'ug_user' => $user_id, 'ug_group' => $wgWinLDAPGroupMapInternal[$i],), 'User::addGroup', array( 'IGNORE' ) ); +              $this->debugme("Security group check passed added User $wgWinLDAPUserReal ID $user_id to group $wgWinLDAPGroupMapInternal[$i]");

have fun ! hkl

next
Anybody know how this compares/differs from Extension:LDAP_Authentication?--Tempmantemp 09:21, 2 February 2009 (UTC)

Is it possible to Port that one to Apache/Linux? I want Single-Sign-On on my Network and Default Auth from outside... -- plvoy 21:27, 8 March 2010 (GMT)

Due to updates in file SpecialUserlogin.php in 1.15.3. this extension doesn't work. Workaround is to use (less secure) SpecialUserlogin.php from 1.15.2. instead -- Honza 1:29, 8 April 2010 (CEST)

empty mail and error mapping
(Sorry for my very bad english)

Problems:


 * 1) If user are not email, this line fail : $wgWinLDAPUserEmail = $records[$i]["mail"][0];
 * 2) I add this lines in LocalSettings.php :


 * $wgWinLDAPGroupMapExternal = array("CN=MySuperGroup,OU=Utilisateurs,OU=Groupes,OU=SIEGE,DC=intranet-exemple,DC=fr","CN=MySuperGroup,OU=Utilisateurs,OU=Groupes,OU=SIEGE,DC=intranet-exemple,DC=fr","CN=MyUserGoup,OU=Utilisateurs,OU=Groupes,OU=SIEGE,DC=intranet-exemple,DC=fr");
 * $wgWinLDAPGroupMapInternal = array("sysop","bureaucrat","user");

After connection, in my debug file I found :


 * Debug : Group membership [3]
 * Debug : Group membership [CN=****,OU=Utilisateurs,OU=Groupes,OU=SIEGE,DC=intranet-exemple,DC=fr]
 * Debug : Group membership [CN=MySuperGroup,OU=Utilisateurs,OU=Groupes,OU=SIEGE,DC=intranet-exemple,DC=fr]
 * Debug : Group membership [CN=****,OU=Utilisateurs,OU=Groupes,OU=SIEGE,DC=intranet-exemple,DC=fr]
 * Debug : Security group check passed added to group [sysop]
 * Debug : Security group check passed added to group [bureaucrat]

The mapping seems to work but the user is not connected to groups sysop and bureaucrat (he stay just user)

What's the problem ?

Linux and IIS 7
Is this extension useable within the Linux environment without using IIS for authentication?

Also, it says this has been tested up to IIS 5, what about IIS 7?

1.20 Installation
change line: require_once('AuthPlugin.php'); to: require_once('includes/AuthPlugin.php');
 * As the extension does not use passwords, you must set $wgMinimalPasswordLength = 0; in LocalSettings.php (same 1.16 Installation notes)
 * LocalSettings.php change

change Line62-Line77: // Submit a fake login form to authenticate the user. $username = $wgWinLDAPGCServerValue; $params = new FauxRequest(array( 'wpName' => $username, 'wpPassword' => '', 'wpDomain' => '', 'wpRemember' => '' ));    // Authenticate user data will automatically create new users. $loginForm = new LoginForm($params); $result = $loginForm->authenticateUserData; if ($result != LoginForm::SUCCESS) { error_log('Unexpected authentication failure.'); return; }
 * WinNTLMLDAPAutoAuth.php cahnge

to: // Submit a fake login form to authenticate the user. $username = $wgWinLDAPGCServerValue;

$token = ''; $firsttry = true; do { $retry = false; $params = new FauxRequest(array( 'wpName' => $username, 'wpPassword' => '', 'wpDomain' => '', 'wpRemember' => '', 'wpLoginToken' => $token ));

// Authenticate user data will automatically create new users. $loginForm = new LoginForm($params); $result = $loginForm->authenticateUserData; if (firsttry && $result == LoginForm::NEED_TOKEN) { $token = $loginForm->getLoginToken; $retry = true; }elseif ($result != LoginForm::SUCCESS) { error_log('Unexpected authentication failure.'); return; }        $firsttry = false;

} while ( $retry );

change Line337: function addUser($user, $password) to: function addUser($user, $password, $email=, $realname=)

change Line367: function initUser(&$user) to: function initUser(&$user, $autocreate=false)

change Line382: function modifyUITemplate(&$template) to: function modifyUITemplate(&$template, &$type)