Topic on Project:Support desk

Dear Community,

I hope this message finds you well. I am facing a challenge in setting up LDAP login in my MediaWiki version 1.41 and am in need of urgent assistance.

Specifically, I am looking for someone experienced in configuring and setting up LDAP login in MediaWiki. I would greatly appreciate any help or guidance you can provide.

Your assistance would be greatly appreciated. Please do not hesitate to reach out if you have the necessary expertise or know someone who might be able to assist me.

Thank you in advance!

Have you checked out documentation at LDAP hub? If you get stuck, I can probably support you.

Dear Support Team,

I hope this message reaches you safely. I would like to inform you that I have looked at the instructions in LDAP HUB. Therefore, I would like to use the following configuration to manage LDAP authentication and authorization:

Extension: LDAPProvider

Extension: LDAPAuthorization

I use the configuration in LocalSettings.php.

$LDAPProviderDomainConfigProvider = function() {

    $config = [

        "akg.lan" => [

            "connection" => [

                "server" => "ldap://akg-dc-01",

                "user" => "CN=Administrator,CN=Users,DC=AKG,DC=LAN",

                "pass" => "testtestt",

                "basedn" => "DC=AKG,DC=LAN",

                "groupbasedn" => "DC=AKG,DC=LAN",

                "userbasedn" => "DC=AKG,DC=LAN",

                "searchattribute" => "samaccountname",

                "searchstring" => "Administrator@akg.lan", // Replace USER-NAME with actual username

                "usernameattribute" => "samaccountname",

                "realnameattribute" => "cn",

                "emailattribute" => "mail",

                "grouprequest" => "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\GroupMember::factory"

            ],

            "authorization" => [

                "rules" => [

                    "groups" => [

                        "required" => [ "CN=Mediawiki,OU=Groups,DC=AKG,DC=LAN" ] // Adjust group DN as needed

                    ]

                ]

            ],

            "groupsync" => [

                "mechanism" => "mappedgroups",

                "mapping" => [

                    "sysop" => "CN=Projektmanagement,OU=Groups,DC=AKG,DC=LAN", // Map sysop and bureaucrat groups

                    "bureaucrat" => "CN=Mediawiki,OU=Groups,DC=AKG,DC=LAN"

                ]

            ],

            "userinfo" => [

                "email" => "mail",

                "realname" => "cn",

                // Add additional user info mappings as needed

            ]

        ]

    ];

    return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray($config);

};

Then i run this comands:

php maintenance/update.php --quick

php maintenance/rebuildLocalisationCache.php

Then when i Try to login on mediawiki i see this:

"The credentials provided could not be verified."

Could you please provide guidance or assistance regarding the setup of LDAPProvider and LDAPAuthorization for this purpose? Any documentation or step-by-step instructions you can share would be greatly appreciated.

Thank you in advance for your prompt attention to this matter. I look forward to your response.

Best regards,

Please wire debug logs and then try to use the CLI script php extensions/LDAPProvider/maintenance/CheckLogin.php --domain=akg.lan --username=<someusername> to test the login. Share a redacted version (may contain sensitive data) of the debug logs here.