Extension:WikiToLDAP
WikiToLDAP Release status: stable |
|
---|---|
Description | Provides a way to migrate wiki users to LDAP-backed users |
Author(s) | Mark A. Hershberger, Robert Vogel |
Latest version | 1.0.4 |
Compatibility policy | Snapshots releases along with MediaWiki. Master is not backward compatible. |
MediaWiki | 1.34+ |
Composer | mediawiki/wiki-to-ldap |
License | GNU General Public License 3.0 or later |
Download | |
|
|
Quarterly downloads | 0 |
Translate the WikiToLDAP extension if it is available at translatewiki.net | |
The initial development of this extension was funded by The Open Source Geospatial Foundation to help migrate their wiki users from MediaWiki-only user accounts to their centralized, LDAP-backed OSGeo Services UserID.
The intent is to merge existing wiki accounts with LDAP-backed accounts using the UserMerge extension. There are two special pages to handle this: Special:WikiUserMerge, Special:LDAPUserMerge. Because of the requirements for OSGeo, more work has been done on the Special:LDAPUserMerge workflow, but the other one should work as well.
Prerequisites
edit- A test wiki. You'll want to test the entire workflow before you deploy to production it since authentication is a critical part of the wiki.
- Set up the LDAPAuthentication2 extension. This depends on at least PluggableAuth and LDAPProvider. You should ensure that users can log in using their LDAP credentials before proceding.
- Enable the UserMerge extension. WikiToLDAP uses the merge capability of the UserMerge to handle the actual merging of users.
- Enable the Renameuser extension. This is needed if you want to rename all the existing users on the wiki initially.
Installation
editThis extension uses the new (as of early 2021) Composer for extensions guidance to install the extension.
This means that to install the extension you need to install composer and run the following To download the extension, run the following command from the command line in your wiki's top-level directory (i.e. the one that contains the LocalSettings.php
file) :
$ COMPOSER=composer.local.json php ( touch $COMPOSER && \ php composer.phar require --no-update mediawiki/wiki-to-ldap ) $ php composer.phar update
After this, you'll need to enable the extension by adding the following to your LocalSettings.php
file:
wfLoadExtension( 'WikiToLDAP' );
Configuration
editAs with most other MediaWiki extensions, this extension is configured by setting PHP variables in the LocalSettings.php
file. The settings are all prefixed with WikiToLDAP
so the MigrationInProgress
setting below would be set by adding the following line to the LocalSettings.php
:
$WikiToLDAPMigrationInProgress = false;
Setting | Default | Description |
---|---|---|
MigrationGroup | wikitoldap-needs-migration | The group old wiki users are put into before any migration is attempted. |
InProgressGroup | wikitoldap-in-progress | The group users are put into after they log in and migration has started. |
MergedGroup | wikitoldap-merged | The group for users who have gone through WikiToLDAP's merge process. |
OldUserNamePrefix | ⚠️ | The prefix the old wiki accounts have. You can use the -r option in the 'MoveToMigrationGroup.php' script to rename all current wiki users with this prefix.
|
MigrationInProgress | true | Whether any migration is currently in progress. If false, defaults to behaving just like LDAPAuthentication2. |
OldUsersAreRenamed | false | Set to true if you use the -r option in the 'MoveToMigrationGroup.php' script.
|
CanCheckOldUser | false | Set to true if you want users to be able to log in with their old wiki username during the transition period. |