I have installed mediawiki 1.33.1 and working fine without LDAP. I try to do login using LDAP authentication. I have installed Auth_remoteuser, LDAPAuthentication2, LDAPAuthorization, LDAPProvider, LDAPUserInfo and PluggableAuth. Please help me to do the configuration and autoauth using LDAP.
Here are the my Virtual host configuration details
<VirtualHost *:9004> ServerName localhost ServerAlias localhost DocumentRoot "${INSTALL_DIR}/www/mediawiki-1-33-1" <Directory "${INSTALL_DIR}/www/mediawiki-1-33-1"> Options +Indexes +Includes +FollowSymLinks +MultiViews AllowOverride All Order allow,deny Allow from all AuthName "My Intranet" AuthType SSPI SSPIAuth On SSPIAuthoritative On SSPIDomain MyDomainName SSPIOmitDomain On SSPIOfferBasic On #SSPIBasicPreferred On #SSPIofferSSPI On require valid-user require user "NT AUTHORITY\ANONYMOUS LOGON" denied </Directory> </VirtualHost>
Here are the my Localsettings details
$wgCookieSecure = false;
wfLoadExtensions([ 'PluggableAuth',
'Auth_remoteuser',
'LDAPProvider',
'LDAPAuthentication2',
'LDAPAuthorization',
'LDAPUserInfo'
]);
$LDAPAuthorizationAutoAuthRemoteUserStringParser = 'username-at-domain';
$LDAPAuthentication2UsernameNormalizer = 'strtolower';
$LDAPAuthentication2AllowLocalLogin = false;
$wgAuthRemoteuserAllowUserSwitch = true;
$wgPluggableAuth_EnableLocalLogin = false;
$wgAuthRemoteuserUserName = function() {
$user = '';
if( isset( $_SERVER[ 'REMOTE_USER' ] ) ) {
echo $user = strtolower( $_SERVER[ 'REMOTE_USER' ] ); // Returns my remote user name
}
return $user;
};
$LDAPProviderDomainConfigProvider = function() {
$config = [
'company.local' => [
'connection' => [
"server" => "coo.tc.net",
"options" => [
"LDAP_OPT_DEREF" => 1
],
"basedn" => "o=Company",
"groupbasedn" => "o=Company",
"userbasedn" => "o=Company",
"searchattribute" => "uid",
"usernameattribute" => "uid",
"realnameattribute" => "fullname",
"emailattribute" => "mail",
"grouprequest" => "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\GroupMember::factory"
],
'authorization' => [
'rules' => [
'groups' => [
'required' => [
'cn=WikiAccess,ou=Groups,o=Company'
]
]
]
],
'userinfo' => [
'attributes-map' => [
'email' => 'mail',
'realname' => 'fullname'
]
]
]
];
return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config );
};