Topic on Manual talk:Active Directory Integration

How to bind ldap groups the either View Only, Edit and Admin

One comment • 09:35, 8 December 2020 3 years ago
1
159.46.196.36 (talkcontribs)

Hi,


After a lot of trail and error I finally can log in properly and that a you must login, but I can't figure out how to implemented the following:

  • Viewers (read only obviously) (CN=WIKI_VIEWERS,OU=groups,DC=mydomain,DC=local)
  • Editors (CN=WIKI_USERS,OU=groups,DC=mydomain,DC=local)
  • Admins (CN=WIKI_ADMINS,OU=groups,DC=mydomain,DC=local)


I tired fiddling with the mappings but does not seems to do anything (my partial json):


"groupsync": {

"mapping": {

"VIEWERS" : "CN=WIKI_VIEWERS,OU=groups,DC=mydomain,DC=local",

"EDITORS" : "CN=WIKI_USERS,OU=groups,DC=mydomain,DC=local",

"ADMINS" : "CN=WIKI_ADMINS,OU=groups,DC=mydomain,DC=local"

}

}


I started testing with viewers like so:, but when I login with a user that is in that group the user test can edit and create new pages.. But more explanation or some examples would be most helpfull


$wgGroupPermissions['VIEWERS']['edit'] = false;

$wgGroupPermissions['VIEWERS']['createpage'] = false;


Thanks in advance.

Reply 09:35, 8 December 2020 3 years ago
Reply to "How to bind ldap groups the either View Only, Edit and Admin"
Retrieved from "https://www.mediawiki.org/wiki/Topic:Vz7iywmo06v68knx"