LDAP авторизация в MediaWiki

Apr 23, 2019 MediaWiki LDAP MediaWiki

Скачиваем расширение LdapAuthentication, распаковываем в папку extensions.
После его распаковки запустите update.php
Далее редактируем файл LocalSettings.php

#LDAP

require_once('extensions/LdapAuthentication/LdapAuthentication.php');
require_once ('includes/AuthPlugin.php');
$wgAuth = new LdapAuthenticationPlugin();

$wgLDAPDomainNames = array('domain.local');
$wgLDAPServerNames = array('domain.local' => 'server.domain.local');
$wgLDAPPort = array('domain.local' => 389);
$wgLDAPEncryptionType = array('domain.local' => 'false');
$wgLDAPUseLocal = true;

$wgLDAPSearchStrings = array('domain.local' => 'USER-NAME@domain.local',);
$wgLDAPProxyAgent = array('domain.local' => 'user');
$wgLDAPProxyAgentPassword = array('domain.local' => 'pass');
$wgLDAPSearchAttributes = array('domain.local' => 'sAMAccountName');
$wgLDAPBaseDNs = array('domain.local' => 'DC=domain,DC=local');
$wgLDAPGroupBaseDNs = array('domain.local' => 'OU=Groups,DC=domain,DC=local');
$wgLDAPUserBaseDNs = array('domain.local' => 'OU=Users,DC=domain,DC=local');

$wgLDAPRetrievePrefs = array('domain.local' => 'true');
$wgLDAPPreferences = array('domain.local' => array('email' => 'mail','realname' => 'displayname'));

$wgLDAPDisableAutoCreate = array('domain.local' => true);

$wgLDAPGroupUseFullDN = array('domain.local' => true);
$wgLDAPLowerCaseUsername = array('domain.local' => true);
$wgLDAPGroupObjectclass = array('domain.local' => 'group');
$wgLDAPGroupAttribute = array('domain.local' => 'member');
$wgLDAPGroupNameAttribute = array('domain.local' => 'cn');
$wgLDAPGroupsUseMemberOf = array('domain.local' => true);
$wgGroupPermissions['*']['autocreateaccount'] = true;

$wgLDAPDebug = 99;
$wgDebugLogGroups["ldap"] = "$wgResourceBasePath/tmp/ldap.log";