Extension:LDAP Authentication/Roadmap

Extension:LDAP Authentication/extinfo

Next versionEdit

I have a bad memory, and need a to-do list. If I have promised to add something for you in the next version, and it isn't in the list below, please add it.


  • Fix referencs to $ldapconn that should be $this->ldapconn in primary group code for AD (in SVN)
  • Fix User not loaded from session issue [1]
  • Change behavior of locally managed groups to allow MediaWiki specific groups to be overridden [2]
  • Fix the username-authentication issue once and for all (hopefully without nasty hacks) [3] [4]
  • Fix the issue where local users can't change their passwords [5]
  • Add strictUserAuth support
  • Add support for automatic domain discovery
  • Refactor the code to handle configuration globals differently
    • Add an option for schema type, so that common options can be automatically configured
    • Fallback to defaults when certain options aren't set
  • Fix memberOf with memberOf overlays (in SVN) [6]
  • Add check for non-returned data [7]
  • Add $wgLDAPAllowLocalUsers and $wgLDAPRequiredUsers as a way to allow a list of local users (e.g., WikiSysop) and a list of LDAP users for access. [8]
  • Ensure compatibility with PHP 5.3 [9]
  • Fix issue with excluded groups [10]
  • Support dynamic groups [11]

Possibly in a future versionEdit

  • Allow changes to LDAP groups via Special:Userrights
  • Support for choosing default search scope, and defining it for multiple domains.
  • Support for adding users/changing passwords in Active Directory.
  • Support for using LDAP as a complete user backend (including user options and such). Using ldap as a backend will require a custom schema to be loaded in the LDAP server.
  • Optionally munge usernames when using auto-auth