Extension:LDAP Authentication/Roadmap

From MediaWiki.org
Jump to navigation Jump to search

About - Requirements - Examples - Configuration Options - Changelog - Roadmap - Suggestions - User provided info - FAQ - Support

MediaWiki extensions manualManual:Extensions
Crystal Clear action run.svg
LDAP Authentication

Release status:Extension status stable

ImplementationTemplate:Extension#type User identity
DescriptionTemplate:Extension#description Provides LDAP authentication, and some authorization functionality for MediaWiki
Author(s)Template:Extension#username Ryan Lane (Ryan lanetalk)
Latest versionTemplate:Extension#version 2.1.0 (2014-03-28)
Compatibility policyCompatibility#mediawiki_extensions master
MediaWikiTemplate:Extension#mediawiki 1.19+
Database changesTemplate:Extension#needs-updatephp Yes
LicenseTemplate:Extension#license GNU General Public License 2.0 or later
Hooks usedTemplate:Extension#hook

Translate the LDAP Authentication extension if it is available at translatewiki.net

Check usage and version matrix.


Open tasks · Report a bug

Next version[edit]

I have a bad memory, and need a to-do list. If I have promised to add something for you in the next version, and it isn't in the list below, please add it.


  • Fix referencs to $ldapconn that should be $this->ldapconn in primary group code for AD (in SVN)
  • Fix User not loaded from session issue [1]
  • Change behavior of locally managed groups to allow MediaWiki specific groups to be overridden [2]
  • Fix the username-authentication issue once and for all (hopefully without nasty hacks) [3] [4]
  • Fix the issue where local users can't change their passwords [5]
  • Add strictUserAuth support
  • Add support for automatic domain discovery
  • Refactor the code to handle configuration globals differently
    • Add an option for schema type, so that common options can be automatically configured
    • Fallback to defaults when certain options aren't set
  • Fix memberOf with memberOf overlays (in SVN) [6]
  • Add check for non-returned data [7]
  • Add $wgLDAPAllowLocalUsers and $wgLDAPRequiredUsers as a way to allow a list of local users (e.g., WikiSysop) and a list of LDAP users for access. [8]
  • Ensure compatibility with PHP 5.3 [9]
  • Fix issue with excluded groups [10]
  • Support dynamic groups [11]

Possibly in a future version[edit]

  • Allow changes to LDAP groups via Special:Userrights
  • Support for choosing default search scope, and defining it for multiple domains.
  • Support for adding users/changing passwords in Active Directory.
  • Support for using LDAP as a complete user backend (including user options and such). Using ldap as a backend will require a custom schema to be loaded in the LDAP server.
  • Optionally munge usernames when using auto-auth