Extension:External Data/LDAP

The parser function #get_ldap_data allows retrieval of data from external LDAP directories. This function executes LDAP queries and assigns the results to local variables that can then be used with the #external_value function.

A note about security: - If you are going to use #get_ldap_data you should think hard about the security implications. Configuring an LDAP server in LocalSettings.php will allow anyone with edit access to your wiki to run queries against that server. You should use a domain user that has the minimum permissions for what you are trying to achieve. Wiki users could run queries to extract all sorts of information about your domain. You should know what you are doing before enabling this function.

Configuration
The PHP extension  must be enabled. You need to configure each LDAP server in LocalSettings.php. Add the following stanza for each server:

Where:


 * domain is a label to be used when calling #get_ldap_data
 * myDomainuser and myDomainPassword are credentials used to bind to the LDAP server
 * [basedn] is the base DN used for the search.

Example:

Usage
To query the LDAP server, add this call to a wiki page:

Where:


 * domain is the label used in LocalSettings.php
 * filter is the LDAP filter used for the search
 * data is the mappings of LDAP attributes to local variables
 * if all is not added, the query will retrieve only one result.

An example that retrieves a user from with Win2003/AD, using a userid passed to a template: