Configure mediawiki for LDAP authentication with Microsoft active directory

2011-08-15 / Linux, Random, Server / 2 Comments

Problem:

Needed to enable  Microsoft Active Directory authentication to our internal mediawiki site.

Solution:

enable Ldapauthentication.php extension. modify localsettings.php file to include the following:

require_once( “$IP/extensions/LdapAuthentication/LdapAuthentication.php” );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( “ADSITE” );
$wgLDAPServerNames = array( “ADSITE”=>”wcp01xdc.ADSITE.local”  );
$wgLDAPBaseDNs = array( “ADSITE”=>”dc=ADSITE,dc=local” );
$wgLDAPSearchStrings = array(“ADSITE” => “ADSITE\\USER-NAME”);
$wgLDAPSearchAttributes = array( “ADSITE”=>”sAMAccountName” );
$wgLDAPLowerCaseUsername = array( “ADSITE”=>true );
$wgLDAPRequiredGroups = array( “ADSITE”=>array(“cn=information technology,ou=users,ou=information technology,ou=ADSITE,dc=ADSITE,dc=local”) );
$wgLDAPGroupUseFullDN = array( “ADSITE”=>true );
$wgLDAPGroupsUseMemberOf = array( “ADSITE”=>true );
$wgLDAPGroupObjectclass = array( “ADSITE”=>”group” );
$wgLDAPGroupAttribute = array( “ADSITE”=>”member” );
$wgLDAPGroupSearchNestedGroups = array( “ADSITE”=>true );
$wgLDAPGroupNameAttribute = array( “ADSITE”=>”cn” );
$wgLDAPPreferences = array( “ADSITE”=>true );
$wgLDAPDisableAutoCreate = array( “ADSITE”=>false );
$wgMinimalPasswordLength = 1;
$wgLDAPUseSSL = false;
$wgLDAPEncryptionType = array( “ADSITE”=>”clear” );
$wgUseLocal = false;
#$wgLDAPDebug = 99;
#$wgDebugLogGroups[“ldap”] = “/tmp/wikildapdebug.log” ;

Replace “ADSITE” with the name of your domain. It is currently setup for clear text authentication. After you get clear text authentication working you should enable tsl or ssl authentication if need be.

the setting $wgLDAPRequiredGroups is optional and is used to allow only certain groups to login the wiki. in this case “Information Technology”

Read More

PeopleSoft xmllink 302 : Site moved temporarily

2011-08-02 / PeopleSoft / 1 Comments

Problem:

After refreshing one of our environments the xmlink http://server/xmllink/fmsqa stopped working and was throwing an error like “302 : Site moved temporarily”.

Solution:

After troubleshooting this was caused by an incorrect password in the XML Link section of the Webprofile -> Security Tab.

After changing the userID and Password to the  correct one for the QA environment. This problem went away and they where able to access the xmllink using the excel spreadsheet.

Read More