LDAP hub/Migration from extension LDAPAuthentication/Example 1

From MediaWiki.org
Jump to navigation Jump to search
MediaWiki Stakeholders' Group Logo.svg
LDAP Authentication Description Pluggable SSO
$wgLDAPDomainNames = array( 'MyDomain' );
Sets up one domain for authentication
$wgLDAPServerNames = array( 'MyDomain' => 'domaincontroller.mydomain.local' );
References the LDAP server by hostname / IP
$wgLDAPProxyAgent = array( 'MyDomain' => 'CN=proxyagent,OU=system,OU=user,DC=mydomain,DC=local');
Sets up proxy user account for "proxy bind"
$wgLDAPProxyAgentPassword = array( 'MyDomain' => 'VerySecret' );
$wgLDAPEncryptionType = array( 'MyDomain' => 'clear' );
$wgLDAPSearchAttributes = array( 'MyDomain' => 'samaccountname' );
$wgLDAPBaseDNs = array( 'MyDomain' => 'OU=user,DC=mydomain,DC=local' );
$wgLDAPPreferences = array( 
    'MyDomain' => array( 
        'email' => 'mail',
        'realname' => 'displayname',
        'nickname' => 'samaccountname'
    )
);
Defines which attributes of the LDAP entry are being synchronized to which field in the local MediaWiki database
$wgLDAPGroupUseFullDN = array( 'MyDomain' => true );
$wgLDAPGroupObjectclass = array( 'MyDomain' => "group" );
$wgLDAPGroupAttribute = array( 'MyDomain' => "member" );
$wgLDAPGroupSearchNestedGroups = array( 'MyDomain' => true );
$wgLDAPActiveDirectory = array( 'MyDomain' => true );
$wgLDAPGroupNameAttribute = array( 'MyDomain' => "cn" );
$wgLDAPGroupBaseDNs = array( 'MyDomain' => 'OU=usergroups,OU=groups,DC=mydomain,DC=local' );
$wgLDAPRequiredGroups = array( 
    'MyDomain' => array( 
        'CN=mediawiki,OU=usergroups,OU=groups,DC=mydomain,DC=local'
    )
);
Restricts login to a certain group membership within the LDAP resource
$wgLDAPUseLocal = false;
Disallows login of local user accounts