Instalace

• Stáhněte soubor/y a vložte je do adresáře pojmenovaného LDAPAuthentication2 ve vaší složce extensions/.
  Vývojáři a přispěvatelé kódu by si místo toho měli nainstalovat rozšíření from Git pomocí:cd extensions/
git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/LDAPAuthentication2
• Na konec vašeho souboru LocalSettings.php přidejte následující kód:

  wfLoadExtension( 'LDAPAuthentication2' );
  

• Vyžaduje nastavení v konfiguračním souboru.
• Dokončeno – Přejděte na stránku Special:Version vaší wiki a zkontrolujte, zda bylo rozšíření úspěšně nainstalováno.

Nastavení

$LDAPAuthentication2AllowLocalLogin

Whether or not to display a "local" pseudo-domain in the domain selector on "Special:Login", thus allowing to authenticate against the local user database. (defaults to false )

$LDAPAuthentication2UsernameNormalizer

Use this function for normalizing username for LDAP, for example 'strtolower'. Needed after migration from earlier Version. (defaults to "" )

authentication.usernameattribute

The LDAP user object attribute name that should be used as a local wiki user username (defaults to "samaccountname")

authentication.realnameattribute

The LDAP user object attribute name that should be used as a local wiki user realname (defaults to "cn")

authentication.emailattribute

The LDAP user object attribute name that should be used as e-mail address for the local wiki user (defaults to "mail")

• Manual:Active Directory Integration (PluggableAuth + LDAP Stack)

In REL1_39 branch LDAPAuthentication2 was adapted to PluggableAuth 6.

So in case of migration from REL1_35-REL1_38 (PluggableAuth 5) to REL1_39 (PluggableAuth 6) some configuration needs to be changed. Here is the example of the old configuration:

// In any case we need to specify LDAP domain configs
$LDAPProviderDomainConfigs = "$IP/../ldapprovider.json";

// Local login is enabled
$wgPluggableAuth_EnableLocalLogin = true;
$LDAPAuthentication2AllowLocalLogin = true;
...
$wgPluggableAuth_Class = "MediaWiki\\Extension\\LDAPAuthentication2\\PluggableAuth";
$wgPluggableAuth_ButtonLabel = "Log In (PluggableAuth)";

As a result, "Log In (PluggableAuth)" login button will appear on login page, with "domains" dropdown.

Domains list is obtained from the domain configs file. Let's assume that we have "ldap1" and "ldap2" domains configured there, still it is not reflected in PluggableAuth 5 configuration.

Here is how such configuration should be changed to be compatible with PluggableAuth 6:

// In any case we need to specify LDAP domain configs
$LDAPProviderDomainConfigs = "$IP/../ldapprovider.json";

// If local login is supported as well, then these globals are still needed
$wgPluggableAuth_EnableLocalLogin = true;
$LDAPAuthentication2AllowLocalLogin = true;
...
$wgPluggableAuth_Config['Log In (LDAP1)'] = [
    'plugin' => 'LDAPAuthentication2',
    'data' => [
        'domain' => 'ldap1'
    ]
];

$wgPluggableAuth_Config['Log In (LDAP2)'] = [
    'plugin' => 'LDAPAuthentication2',
    'data' => [
        'domain' => 'ldap2'
    ]
];

Here "ldap1" and "ldap2" are domains which are configured in domain configs file.

As a result, "Log In (LDAP1)" and "Log In (LDAP2)" login buttons will appear on login page.

So the main difference is that:

• There is only one login button per LDAP domain.
• Now $wgPluggableAuth_Config global should be used.
• $wgPluggableAuth_Class global is not used anymore.

Toto rozšíření je zahrnuto v následujících wiki farmách/hostitelích a/nebo balíčcích: BlueSpice Category:Extensions included in BlueSpice/cs Canasta Category:Extensions included in Canasta/cs Toto není autoritativní seznam. Některé wiki farmy/hostitelé a/nebo balíčky mohou toto rozšíření obsahovat, i když zde nejsou uvedeny. Pro potvrzení se vždy obraťte na své wiki farmy/hostitele nebo balíček.