Extension:WikiToLDAP

MediaWiki extensions manual
WikiToLDAP
Release status: stable
Description Provides a way to migrate wiki users to LDAP-backed users
Author(s) Mark A. Hershberger, Robert Vogel
Latest version 1.0.4
Compatibility policy Snapshots releases along with MediaWiki. Master is not backward compatible.
MediaWiki 1.34+
Composer mediawiki/wiki-to-ldap
License GNU General Public License 3.0 or later
Download
  • $wgMergedGroup
  • $wgCanCheckOldUser
  • $wgOldUsersAreRenamed
  • $wgMigrationGroup
  • $wgMigrationInProgress
  • $wgOldUsernamePrefix
  • $wgInProgressGroup
Quarterly downloads 0
Translate the WikiToLDAP extension if it is available at translatewiki.net

The initial development of this extension was funded by The Open Source Geospatial Foundation to help migrate their wiki users from MediaWiki-only user accounts to their centralized, LDAP-backed OSGeo Services UserID.

The intent is to merge existing wiki accounts with LDAP-backed accounts using the UserMerge extension. There are two special pages to handle this: Special:WikiUserMerge, Special:LDAPUserMerge. Because of the requirements for OSGeo, more work has been done on the Special:LDAPUserMerge workflow, but the other one should work as well.

Prerequisites

  • A test wiki. You'll want to test the entire workflow before you deploy to production it since authentication is a critical part of the wiki.
  • Enable the UserMerge extension. WikiToLDAP uses the merge capability of the UserMerge to handle the actual merging of users.
  • Enable the Renameuser extension. This is needed if you want to rename all the existing users on the wiki initially.

Installation

This extension uses the new (as of early 2021) Composer for extensions guidance to install the extension.

This means that to install the extension you need to install composer and run the following To download the extension, run the following command from the command line in your wiki's top-level directory (i.e. the one that contains the LocalSettings.php file) :

   $ COMPOSER=composer.local.json php ( touch $COMPOSER && \
      php composer.phar require --no-update mediawiki/wiki-to-ldap )
   $ php composer.phar update

After this, you'll need to enable the extension by adding the following to your LocalSettings.php file:

    wfLoadExtension( 'WikiToLDAP' );

Configuration

As with most other MediaWiki extensions, this extension is configured by setting PHP variables in the LocalSettings.php file. The settings are all prefixed with WikiToLDAP so the MigrationInProgress setting below would be set by adding the following line to the LocalSettings.php:

    $WikiToLDAPMigrationInProgress = false;
Setting Default Description
MigrationGroup wikitoldap-needs-migration The group old wiki users are put into before any migration is attempted.
InProgressGroup wikitoldap-in-progress The group users are put into after they log in and migration has started.
MergedGroup wikitoldap-merged The group for users who have gone through WikiToLDAP's merge process.
OldUserNamePrefix ⚠️ The prefix the old wiki accounts have. You can use the -r option in the 'MoveToMigrationGroup.php' script to rename all current wiki users with this prefix.
MigrationInProgress true Whether any migration is currently in progress. If false, defaults to behaving just like LDAPAuthentication2.
OldUsersAreRenamed false Set to true if you use the -r option in the 'MoveToMigrationGroup.php' script.
CanCheckOldUser false Set to true if you want users to be able to log in with their old wiki username during the transition period.