LDAP Authentication with Dokuwiki

This page describes how to activate the LDAP authentication with DokuWiki.
For more informations on the ldap server configuration, look at OpenLDAP.

The use of LDAP authentication is quite simple, but there is some limitations : it's not possible to use “register” from dokuwiki.
The documentation about LDAP authentication is available here : http://wiki.splitbrain.org/wiki:auth:ldap

To configure the LDAP authentication, you need to edit manually the config file local.php
Here is the configuration of this server :

$conf['useacl'] = 1;
$conf['authtype'] = 'ldap';
$conf['superuser'] = '@wikiadmin';


$conf['auth']['ldap']['version']    = 3;
$conf['auth']['ldap']['server']      = 'localhost';
$conf['auth']['ldap']['port']        = 389;
$conf['auth']['ldap']['binddn']     = 'cn=apache, ou=services, dc=bouthors, dc=fr';
$conf['auth']['ldap']['bindpw']     = '***';
$conf['auth']['ldap']['usertree']    = 'ou=users, dc=bouthors, dc=fr';
$conf['auth']['ldap']['grouptree']   = 'ou=groups, dc=bouthors, dc=fr';
$conf['auth']['ldap']['userfilter']  = '(&(cn=%{user})(objectClass=mboUser))';
$conf['auth']['ldap']['groupfilter'] = '(&(objectClass=mboGroup)(uniqueMember=%{dn}))';
$conf['auth']['ldap']['mapping']['name']  = 'sn';
#$conf['auth']['ldap']['debug']      = true;

Theses options are related to my LDAP tree described inside OpenLDAP.

For information, the following LDAP requests are used :

  1. connection to the LDAP server with binddn/bindpw
  2. search of the user inside usertree with the filter userfilter
  3. search of the group membership inside grouptree with the filter groupfilter
  4. bind of the user with the user dn (found with the user search) and the password provided by the user
  5. the mapping option allows to define which field contains the user name.
en/linux/dokuwiki/ldap.txt · Last modified: 2011/01/08 17:10 by matthieu
Recent changes RSS feed Debian Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki