[pmwiki-users] ldap configuration
Patrick R. Michaud
pmichaud at pobox.com
Wed Dec 20 16:02:36 CST 2006
On Wed, Dec 20, 2006 at 02:57:30PM -0600, Matt Vance wrote:
> I'm working with a pmwiki installation that has been set up at a
> university. In the initial phase, only the professors on a particular
> committee were entering content. They would now like to open it up to
> editing by all faculty and for browsing by everyone. We have an LDAP
> server and we've been able to configure pmwiki to authenticate against
> it, using the following LDAP setting:
>
> ldap://ldap1.stedwards.edu/dc=stedwards,dc=edu?uid
>
> . . . but we've been running into trouble trying to limit editing to
> just the faculty group. There is an email group within ldap
> (emailGroup=staff), but despite having tried a dozen or so variations to
> the ldap setting above, none have produced the desired results. Can
> anyone help me to come up with the correct LDAP setting?
PmWiki's built-in LDAP authenticator doesn't have support for LDAP
groups (yet). I'll have to do a bit of thinking about how to
develop a group specifier for LDAP groups.... it takes a fair bit
more processing and specification to handle LDAP groups. From
the PmWiki end it becomes a two (or more) stage process: (1) Authenticate
the username and password, then check the username for membership
in any desired groups.
Pm
More information about the pmwiki-users
mailing list