[pmwiki-users] ldap configuration

Patrick R. Michaud pmichaud at pobox.com
Wed Dec 20 16:02:36 CST 2006


On Wed, Dec 20, 2006 at 02:57:30PM -0600, Matt Vance wrote:
> I'm working with a pmwiki installation that has been set up at a 
> university. In the initial phase, only the professors on a particular 
> committee were entering content. They would now like to open it up to 
> editing by all faculty and for browsing by everyone. We have an LDAP 
> server and we've been able to configure pmwiki to authenticate against 
> it, using the following LDAP setting:
> 
>     ldap://ldap1.stedwards.edu/dc=stedwards,dc=edu?uid
> 
> . . . but we've been running into trouble trying to limit editing to 
> just the faculty group. There is an email group within ldap 
> (emailGroup=staff), but despite having tried a dozen or so variations to 
> the ldap setting above, none have produced the desired results. Can 
> anyone help me to come up with the correct LDAP setting?

PmWiki's built-in LDAP authenticator doesn't have support for LDAP
groups (yet).  I'll have to do a bit of thinking about how to
develop a group specifier for LDAP groups.... it takes a fair bit
more processing and specification to handle LDAP groups.  From
the PmWiki end it becomes a two (or more) stage process: (1) Authenticate 
the username and password, then check the username for membership
in any desired groups.

Pm




More information about the pmwiki-users mailing list