Topic on Project:Support desk

LDAP Groups not showing up in MediaWiki

2 comments • 20:13, 4 February 2017 7 years ago
2
GetRandomNumber (talkcontribs)

Hi all,

I've installed the LDAP Authentication extension as below with the following configuration in LocalSettings.php

https://www.mediawiki.org/wiki/Extension:LDAP_Authentication

The problem: Each user in LDAP is a member of a group. They all can login using their LDAP credentials to MediaWiki. They are all members of the Autoconfirmed users and Users groups. However, some users will be members of the hr group in LDAP (for example). No LDAP group, such as hr, is not showing up in Mediawiki anywhere, despite using $wgLDAPGroupsPrevail.

Anyone have any ideas as to where I'm going wrong? Probably something obvious!

Thanks in advance

(Currently using the most recent version of Ldap Auth extension with current Mediawiki).



 # LDAP
 require_once ("extensions/LdapAuthentication/LdapAuthentication.php");
 require_once ("includes/AuthPlugin.php");
 $wgAuth = new LdapAuthenticationPlugin();
 $wgLDAPDomainNames = array(
     "ldap_domain_com",
 );
 $wgLDAPServerNames = array(
     "compsoc_nuigalway_ie" => "ldap.domain.com",
 );
 $wgLDAPUseLocal = false;
 $wgLDAPEncryptionType = array(
   "ldap_domain_com" => "tls",
 );
 $wgLDAPPort = array(
   "ldap_domain_com" => 389,
 );
 $wgLDAPProxyAgent = array(
   "ldap_domain_com" => "cn=admin,dc=ldap,dc=company,dc=com",
 );
 $wgLDAPProxyAgentPassword = array(
   "ldap_domain_com" => "password",
 );
 $wgLDAPSearchAttributes = array(
     "ldap_domain_com" => "uid",
 );
 $wgLDAPBaseDNs = array(
     "ldap_domain_com" => "dc=ldap,dc=company,dc=com",
 );
 $wgLDAPGroupBaseDNs = array(
     "ldap_domain_com" => "ou=group,dc=ldap,dc=company,dc=com"
 );
 $wgLDAPPreferences = array(
     "ldap_domain_com" => array( "email" => "mail")
 );
 $wgLDAPLowerCaseUsername = array(
     "ldap_domain_com" => true
 );
 $wgLDAPUseLDAPGroups = array(
     "ldap_domain_com" => true
 );
 $wgLDAPGroupsPrevail = array(
     "ldap_domain_com" => true
 );
 $wgLDAPGroupNameAttribute = array( "ldap_domain_com"=>"cn" );
 
 # Using this as we store our group info under ou=group. Each group is a cn on it's own and lists all it's members. Is this the correct way to do it? Having this as true and as false makes no difference.
 $wgLDAPGroupSearchNestedGroups = array(
     'ldap_domain_com' => true,
 );
Reply Edited 00:08, 23 January 2017 7 years ago
GetRandomNumber (talkcontribs)

Any ideas?

Reply 20:13, 4 February 2017 7 years ago
Reply to "LDAP Groups not showing up in MediaWiki"
Retrieved from "https://www.mediawiki.org/wiki/Topic:Tjmke5dt1qka69q5"