Topic: [Solved] Authenticate MediaWiki against iRedMails LDAP-Server
==== Required information ====
- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Ubuntu 12.04
====
Hi,
I'm using IRedmail 0.8.5 on Ubuntu 12.04. On my server there is a running MediaWiki-installation. Now I want to add the possibility to the users to login with there emailadress and password given by the LDAP-entry. I've installed the MediaWiki-LDAPAuthentication-Plugin following these instructions: http://www.mediawiki.org/wiki/Extension … the_plugin
But I've got some problem using the correct configuration to connect MediaWiki to my LDAP-Server. Here is my LocalSettings.php-LDAP-section (just changed my domain name to example.com):
#######################
# LDAP Authentication #
#######################
require_once( "/var/www/mediawiki/extensions/LdapAuthentication/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin();
//The names of one or more domains you wish to use
$wgLDAPDomainNames = array("example.com");
//The fully qualified name of one or more servers per domain you wish to use.
$wgLDAPServerNames = array("example.com"=>"localhost");
// Allow the use of the local database as well as the LDAP database.
// Mostly for transitional purposes. Unless you *really* know what you are doing,
// don't use this option. It will likely cause you annoying problems, and
// it will cause me annoying support headaches.
// Warning: Using this option will allow MediaWiki to leak LDAP passwords into
// its local database. It's highly recommended that this setting not be used for
// anything other than transitional purposes.
// Default: false
$wgLDAPUseLocal = false;
//The type of encryption you would like to use when connecting to the LDAP server.
//Available options are "tls", "ssl", and "clear"
//Default: tls
$wgLDAPEncryptionType = array("example.com"=>"clear");
//Base DNs. Group and User base DNs will be used if available; if they are not defined, the search
//will default to $wgLDAPBaseDNs
$wgLDAPBaseDNs = array("example.com"=>"o=domains,dc=example,dc=com");
//The search string to be used for straight binds to the directory; USER-NAME will be
//replaced by the username of the user logging in.
$wgLDAPSearchStrings = array("example.com"=>"E,ou=Users,dc=example,dc=com");
//Munge the case of the username to lowercase when doing searches in groups
//Default: false
$wgLDAPLowerCaseUsername = array("example.com"=>true);
//The objectclass of the groups we want to search for
$wgLDAPGroupObjectclass = array("example.com"=>"mailUser");
//The attribute used for group members
$wgLDAPGroupAttribute = array("example.com"=>"mailList");
//The naming attribute of the group
$wgLDAPGroupNameAttribute = array("example.com"=>"cn");
//Don't automatically create an account for a user if the account exists in LDAP
//but not in MediaWiki.
//Default: false.
$wgLDAPDisableAutoCreate = array("example.com"=>false);
//Option for getting debug output from the plugin. 1-3 available. 1 will show
//non-sensitive info, 2 will show possibly sensitive user info, 3+ will show
//sensitive system info. Setting this on a live public site is probably a bad
//idea.
//Default: 0
$wgLDAPDebug = 0;
$wgDebugLogGroups["ldap"] = "/tmp/mediawiki-debug.log" ;What am I doing wrong?
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.