Jump to content

Topic on Project:Support desk

This is a permanent link to the first version of this post. You can view later versions on the post history page.

Dear Support Team,

I hope this message reaches you safely. I would like to inform you that I have looked at the instructions in LDAP HUB. Therefore, I would like to use the following configuration to manage LDAP authentication and authorization:

Extension: LDAPProvider

Extension: LDAPAuthorization

I use the configuration in LocalSettings.php.

$LDAPProviderDomainConfigProvider = function() {

    $config = [

        "akg.lan" => [

            "connection" => [

                "server" => "ldap://akg-dc-01",

                "user" => "CN=Administrator,CN=Users,DC=AKG,DC=LAN",

                "pass" => "testtestt",

                "basedn" => "DC=AKG,DC=LAN",

                "groupbasedn" => "DC=AKG,DC=LAN",

                "userbasedn" => "DC=AKG,DC=LAN",

                "searchattribute" => "samaccountname",

                "searchstring" => "Administrator@akg.lan", // Replace USER-NAME with actual username

                "usernameattribute" => "samaccountname",

                "realnameattribute" => "cn",

                "emailattribute" => "mail",

                "grouprequest" => "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\GroupMember::factory"

            ],

            "authorization" => [

                "rules" => [

                    "groups" => [

                        "required" => [ "CN=Mediawiki,OU=Groups,DC=AKG,DC=LAN" ] // Adjust group DN as needed

                    ]

                ]

            ],

            "groupsync" => [

                "mechanism" => "mappedgroups",

                "mapping" => [

                    "sysop" => "CN=Projektmanagement,OU=Groups,DC=AKG,DC=LAN", // Map sysop and bureaucrat groups

                    "bureaucrat" => "CN=Mediawiki,OU=Groups,DC=AKG,DC=LAN"

                ]

            ],

            "userinfo" => [

                "email" => "mail",

                "realname" => "cn",

                // Add additional user info mappings as needed

            ]

        ]

    ];

    return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray($config);

};

Then i run this comands:

php maintenance/update.php --quick

php maintenance/rebuildLocalisationCache.php


Then when i Try to login on mediawiki i see this:

"The credentials provided could not be verified."


Could you please provide guidance or assistance regarding the setup of LDAPProvider and LDAPAuthorization for this purpose? Any documentation or step-by-step instructions you can share would be greatly appreciated.

Thank you in advance for your prompt attention to this matter. I look forward to your response.

Best regards,

Retrieved from "https://www.mediawiki.org/wiki/Topic:Y7u3x5959ej65zi6"