quarta-feira, março 27, 2019

MediaWiki autenticando no AD

Segue ambiente e configuração funcional para autenticar no AD com a extensão LdapAuthentication.


SO: Oracle Linux 7.6
Produto     Versão
MediaWiki     1.32.0
Apache 2.4.6
PHP     7.1.27 (apache2handler)
MariaDB     5.5.60-MariaDB

LdapAuthentication: REL1_32
2018-10-17T02:21:37





Lembrando de executar para atualizar o banco de dados após instalar a extensão:

# php maintenance/update.php

LdapSettings.php
#Section LDAP
require_once ("$IP/extensions/LdapAuthentication/LdapAuthentication.php");

$wgAuth = new LdapAuthenticationPlugin();

#$wgLDAPDebug = 99; # 3
#$wgDebugLogGroups['ldap'] = '/tmp/debug-ldap.log' ;


$wgLDAPDomainNames        = array('domain');
$wgLDAPServerNames        = array('domain' => 'meudominiodoad.com.br');
$wgLDAPBaseDNs            = array('domain' => 'dc=meudominiodoad,dc=com,dc=br');
$wgLDAPGroupBaseDNs       = array('domain'=> 'ou=Users,dc=meudominiodoad,dc=com,dc=br');
$wgLDAPUserBaseDNs        = array('domain'=> 'ou=Users,dc=meudominiodoad,dc=com,dc=br');

$wgLDAPRetrievePrefs      = array('domain' => true);
$wgLDAPPreferences        = array('domain' => array('email' => 'mail',
                                                  'realname' => 'cn',
                                                  'nickname' => 'samaccountname',
                                                  'language' => 'msexchuserculture'));

$wgLDAPProxyAgent =  array('domain' => 'usuarioADparaconsulta');

$wgLDAPProxyAgentPassword = array('domain' => 'minhaSENHAultra');

$wgLDAPSearchAttributes   = array('domain' => 'sAMAccountName');

#$wgLDAPUseLDAPGroups      = array('domain' => true);
$wgLDAPActiveDirectory    = array('domain' => true);

$wgLDAPEncryptionType     = array('domain' => 'clear'); # ssl, clear
$wgLDAPUseLocal           = false;
$wgLDAPGroupsUseMemberOf  = array('domain' => true);

Nenhum comentário: