Thread:Extension talk:LDAP Authentication/problem configuring group membership check

Hello everyone,

I'm running MediaWiki 1.21.1 with LdapAuthentication 2.0d (2012-11-21). The authentication against the ldap server works well. Now I want authenticate only users of a special group. I'm not the administrator of the ldap server i used for authentication. The group membership is an attribute of the user and not a organisation unit the user is a member of.

Here are all information for the user smith from the ldap server :

dn: uid=smith,ou=active,ou=people,dc=my-company,dc=org objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: hisPerson objectClass: fhfPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount objectClass: inetLocalMailRecipient uid: smith gidNumber: 123

and here my configuration to use ldap authentication :

require_once( "$IP/extensions/LdapAuthentication/LdapAuthentication.php" ); $wgAuth = new LdapAuthenticationPlugin;

$wgLDAPDomainNames = array('library'); $wgLDAPServerNames = array('library' => 'ldap.my-company.org'); $wgLDAPBaseDNs = array('library' => 'ou=active,ou=people,dc=my-company,dc=org'); $wgLDAPUseLocal = false; $wgLDAPEncryptionType = array('library' => 'clear'); $wgLDAPOptions = array('library' => array( LDAP_OPT_DEREF, 1 )); $wgLDAPPort = array('library' => 389);

$wgLDAPSearchStrings = array('library' => 'uid=USER-NAME,ou=active,ou=people,dc=my-company,dc=org'); $wgMinimalPasswordLength = 1;

Please can you help me to complete my configuration to authenticate user with gidNumber: 123

thank you