From MediaWiki.org
Jump to: navigation, search
MediaWiki extensions manualManual:Extensions
Crystal Clear action run.png

Release status:Extension status stable

ImplementationTemplate:Extension#type User access, User rights
DescriptionTemplate:Extension#description This extension adds the user to the groups 'sysop' and 'bureaucrat' when the user is logged in. Its useful for a LDAP wiki based authentication and you need to define which users must be "administrators". Array defined in LocalSettings.
Author(s)Template:Extension#username Nino Dafonte, José M. Ciges
Latest versionTemplate:Extension#version  ? (2009-10-09)
MediaWikiTemplate:Extension#mediawiki Working in MW 1.14
LicenseTemplate:Extension#license No license specified
Download the code


Hooks usedTemplate:Extension#hook

Translate the AdminWhiteList extension if it is available at translatewiki.net

Check usage and version matrix.


This extension is useful to add 'sysop' and 'bureaucrat' permissions (for giving him administrator's rights) to the user logged in when you are in a private wiki with authentication based on an external source, eg. LDAP.

You must define an array (LocalSettings) with the name of the users you want to be included in 'sysop' and 'bureaucrat' groups. When the user logs in, the extension compares the username with the names in the array and, if the username is in the array, the user is automatically added to both groups.


  • Copy the code below to a file named "AdminWhiteList.php" into the extension folder.
  • Add the include for this extension in LocalSettings.php
require_once( "$IP/extensions/AdminWhiteList.php" );
  • Add the user names to the array $wgAdminWhiteList to your LocalSettings.php
$wgAdminWhiteList = array("username1", "username2", "username3");
  • Ready to go.

Debugging options[edit]

You can use the variable $wgAdminWhiteListDebug for getting debug output. The following values are available:

  • 1 will show non-sensitive info
  • 2 will show possibly sensitive user info
  • 3 will show sensitive system info. Setting this on a live public site is probably a bad idea.

The value by default is 0, i.e. no debug output at all.

Specifying the debug file[edit]

By default the debug messages will be written in the file specified in the variable $wgDebugLogFile.

If you want to specify a log file for this extension (what I recommend) you should use the array $wgDebugLogGroups with the key "adminwhitelist".

For example:

$wgDebugLogGroups["adminwhitelist"] = "/tmp/adminwhitelist.log";

Change log[edit]

  • The extension now removes the user from groups 'bureaucrat' and 'sysop' if he/she is not plus in array $wgAdminWhiteList. So it's possible to remove administrator's rights for an user.
  • The hook users is "UserLoadAfterLoadFromSession" instead of "UserLoginComplete", so it works with LDAP autologin
  • Configuration of debug messages is cleaner, now it uses the variables $wgDebugLogFile and $wgDebugLogGroups.


The last version 1.1 is here

You can download also the version 1.0 (for MediaWiki 1.12) here