Extension:LDAP Authentication/Requirements

Overview

 * MediaWiki 1.6+ for current version of the plugin
 * PHP must be compiled with LDAP support for any functionality at all
 * PHP must be compiled with SSL support if you wish to authenticate over SSL (highly recommended!)
 * Your server must trust the LDAP server's Certificate's Root CA for SSL to work (mostly affects you if you are using self signed certificates)
 * The DNS name for your LDAP server must match the name in the LDAP server's certificate for SSL to work
 * Smartcard/CAC authentication requires a PEM encoded list of CAs, proxy or anonymous (if allowed) LDAP credentials, and an SSL enabled webserver
 * If you would like to use LDAP as a backend for MediaWiki (creating users, changing passwords, etc), you must provide a user who has write permissions to specific user attributes (please only give this user the minimum amount of access that is required)

Meeting requirements per platform
If you have instructions for any of these sections, don't hesitate to add them.

PHP SSL support
PHP comes with ssl support by default in RHEL and Fedora.

Certificate trusts
TODO.

PHP SSL support
TODO.

Certificate trusts
TODO.

SUSE
TODO -- still not complete


 * I use the following steps to manually compile PHP with the required openssl and ldap support for Apache2 module:
 * download PHP 5.4.12 from http://www.php.net to /usr/local/src ; tar -xzf ... ; cd ...
 * ./configure --prefix=/usr --datadir=/usr/share/php --mandir=/usr/share/man --bindir=/usr/bin --libdir=/usr/share --includedir=/usr/include --sysconfdir=/etc --with-libdir=lib64 --with-config-file-path=/etc --with-exec-dir=/usr/lib64/php/bin --with-apxs2=/usr/sbin/apxs2-prefork --with-openssl --with-bz2 --with-zlib --with-curl --with-ldap --with-mysql --enable-soap --enable-mbstring x86_64-suse-linux --with-xsl --with-xsl --enable-calendar
 * make
 * sudo make install
 * (detailed explanantion follows) --Wikinaut 14:21, 18 December 2009 (UTC)

Solaris 10 and OpenSolaris
TODO.

Windows Server 2003 and 2008
If you're fortunate enough to be running WAMP, enable the LDAP extension via the WAMP Manager.

TODO.

Mac OS X
TODO.