About this board

Ldap Authentification not working under 1.33

1
TheNetStriker (talkcontribs)

Hi Ryan, I've just found out that the Ldap Authentification plugin does not work anymore with Mediawiki version 1.33. I found the following discussion about this: Topic:V2uhxauzg1zj7owv


It seems that the $wgAuth setting was completeley removed and the Ldap plugin is not loaded any more. Do you maintain this plugin or where should I report this issue?

Reply to "Ldap Authentification not working under 1.33"
ElinazT (talkcontribs)

Is this document compatible with older version of MediaWiki? I use MediaWiki V 1.16 on windows 7 .

Reply to "MediaWiki Version"

Is there going to be any new versions?

3
148.137.25.79 (talkcontribs)

Is there going to be any new versions?

Ryan lane (talkcontribs)

New versions of what? In general I don't maintain anything mediawiki related.

2A00:18C8:3E27:3012:3C2A:D988:B0D:45D8 (talkcontribs)

new version LdapAuthentication for latest wiki version 1.32?

Reply to "Is there going to be any new versions?"
Janaboy (talkcontribs)

Hi Ryan,

I hope you can help me.

We try to restrict the access based on LDAP group but it is not working.

This is the current config:

$wgAuth = new LdapAuthenticationPlugin();

$wgLDAPDomainNames = array( 'DOMAIN');

$wgLDAPServerNames = array( 'DOMAIN' => 'xx1.corp.DOMAIN.com xx2.corp.DOMAIN.com');

$wgLDAPSearchStrings = array('DOMAIN' => 'DOMAIN\\USER-NAME');

$wgLDAPEncryptionType = array( 'DOMAIN' => 'false');

$wgLDAPUseLocal = false;

$wgMinimalPasswordLength = 1;

$wgLDAPBaseDNs = array( 'DOMAIN' => 'DC=corp,DC=DOMAIN,DC=com');

$wgLDAPUserBaseDNs = array( 'DOMAIN' => 'OU=users,DC=corp,DC=DOMAIN,DC=com' );

$wgLDAPGroupBaseDNs = array( 'DOMAIN' => 'OU=applications,OU=groups,DC=corp,DC=DOMAIN,DC=com' );

$wgLDAPSearchAttributes = array( 'DOMAIN' => 'usernameoftheaccount' );

$wgLDAPGroupNameAttribute = array( 'DOMAIN' => 'cn' );

$wgLDAPActiveDirectory = array( 'DOMAIN' => true );

$wgLDAPUseLDAPGroups = array( 'DOMAIN' => true );

$wgLDAPGroupUseFullDN = array( 'DOMAIN' => true );

$wgLDAPGroupObjectclass = array( 'DOMAIN' => 'group');

$wgLDAPGroupAttribute = array( 'DOMAIN' => 'user' );

$wgLDAPRequiredGroups = array( 'DOMAIN' => array( 'CN=thisisthenameoftheadgroup,OU=applications,OU=groups,DC=corp,DC=DOMAIN,DC=com' ) );

In the log i can see that not able to find user in the 'thisisthenameoftheadgroup' group.

Do you have any idea why?

The login is working without the LDAPRequiredGroups paramter.

Thank you in advance,

Br,

Janaboy

Janaboy (talkcontribs)

Just for the future, if somebody will have the same issue, here this parameter caused the issue:

$wgLDAPSearchAttributes

The working one is this:

$wgLDAPSearchAttributes = array( 'DOMAIN' => 'sAMAccountName' );

Reply to "Login issue"

A barnstar for you!

1
Winged Blades of Godric (talkcontribs)
The Original Barnstar
This's for your brave efforts at this phab ticket..Your genious seems to be unbounded!?
Reply to "A barnstar for you!"

Blank Page issue with AD auth via LDAP Auth extension

1
Jedunbar (talkcontribs)

Hello,

I am having the same issue with MediaWiki v1.27.1 running in IIS on Windows 2012 R2. I downloaded and untar'd the file to C:\inetpub\wwwroot\mediawiki\extensions\LdapAuthentication. The moment I uncomment the code below, all of the MediaWiki pages won't load and stay blank (white). I even ran php maintenance/update.php after making the changes to no avail. Thoughts? Is something up with my config? See below. I have to comment out all of the LDAP-related text below for any of the MediaWiki pages to load again.

# Enabled extensions. Most of the extensions are enabled by adding

# wfLoadExtensions('ExtensionName');

# to LocalSettings.php. Check specific extension documentation for more details.

# The following extensions were automatically enabled:

wfLoadExtension( 'PdfHandler' );

wfLoadExtension( 'LdapAuthentication' );

# End of automatically generated settings.

# Add more configuration options below.

require_once( “$IP/extensions/LdapAuthentication/LdapAuthentication.php” );

$wgAuth = new LdapAuthenticationPlugin();

$wgLDAPDomainNames = array( “myserver” );

$wgLDAPServerNames = array( “myserver”=>”myserver.www.domain.domain.com”  );

$wgLDAPBaseDNs = array( “myserver”=>”dc=myserver,dc=www,dc=domain,dc=domain,dc=com” );

$wgLDAPSearchStrings = array(“myserver” => “mydomain\\USER-NAME”);

$wgLDAPSearchAttributes = array( “myserver”=>”sAMAccountName” );

$wgLDAPLowerCaseUsername = array( “myserver”=>true );

$wgLDAPGroupUseFullDN = array( “myserver”=>true );

$wgLDAPGroupsUseMemberOf = array( “myserver”=>true );

$wgLDAPGroupObjectclass = array( “myserver”=>”group” );

$wgLDAPGroupAttribute = array( “myserver”=>”member” );

$wgLDAPGroupSearchNestedGroups = array( “myserver”=>true );

$wgLDAPGroupNameAttribute = array( “myserver”=>”cn” );

$wgLDAPPreferences = array( “myserver”=>true );

$wgLDAPDisableAutoCreate = array( “myserver”=>false );

$wgMinimalPasswordLength = 1;

$wgLDAPUseSSL = false;

$wgLDAPEncryptionType = array( “myserver”=>”clear” );

$wgUseLocal = false;

Reply to "Blank Page issue with AD auth via LDAP Auth extension"
Yhz1221 (talkcontribs)

hey

VanShunt (talkcontribs)

hey

Great work on the LDAP extension--thanks for your time!

Reply to "hey"

Can you change discussion page?

1
Takahiro4 (talkcontribs)

I hope usable tree bbs like this hierarchy.--[[User:Takahiro4|Takahiro4]]

Reply to "Can you change discussion page?"
Сунприат (talkcontribs)

Hello, a few questions :

1) after turning on https by default for anonymous readers, will they have a way to use the usual http at desktop view? For example, readers can use compressive Google and Opera servers - they will no longer be able to use them?

2) mobile version will also be https by default?

3) beta testing program will still work? have any plans for the time of the beginning of beta? If a separate wiki has a consensus for inclusion https by default now, you can do it now?

4) If not, what do you think about the inclusion of https now through a script in MediaWiki:Common.js in a separate langeage X.wikipedia.org?

if (window.location.protocol !== "https:" && window.location.host === 'ru.wikipedia.org' && typeof wgUserId === 'undefined')
   window.location.href = "https:" + window.location.href.substring(window.location.protocol.length);

importMW = function (name) { importScript('MediaWiki:'+name+'.js') }

importScript_ = importScript
importScript = function (page, proj){
if (!proj) importScript_(page)
else {
  if (proj.indexOf('.')==-1) proj += '.wikipedia.org'
  importScriptURI('//'+proj+'/w/index.php?action=raw&ctype=text/javascript&title='+mw.util.wikiUrlencode(page))
 }
}

This post was posted by Сунприат, but signed as Sunpriat.

Reply to "Https"
Plaws~mediawikiwiki (talkcontribs)

Older MW installation (1.15.1) running ``LDAP Authentication Plugin (Version 1.2a (beta)).

In the process of moving it all (this one and another wiki that was at 1.12!) to a new host. One needs LDAP (AD) the other doesn't.

If I install the latest version of the LDAP extension under MW 1.15.1 will it work? I want to get it working as before on the new host before I update to 1.23.

Peter

This post was posted by Plaws~mediawikiwiki, but signed as Plaws.

Plaws~mediawikiwiki (talkcontribs)

Actually ... never mind. I think it's all working under 1.15.1. Just need to sort out all the redirects, etc, and then I can update to the latest.

This post was posted by Plaws~mediawikiwiki, but signed as Plaws.

Reply to "v1.12a beta?"