[pmwiki-users] LDAP and Group Authentication

Thomas Gemperli gemperli at arch.ethz.ch
Wed Jan 16 06:33:05 CST 2008


Hi all

On 15.01.2008, at 18:04, ThomasP wrote:

> I was looking into your externauth.php, but could not find any  
> reference
> to ldap. Is there any further code somewhere you have in use?

I missed this thread, so I am not sure if this is interesting for you.

I use a self written piece of php (attachment) to get group members  
out of my LDAP directory (Apple OpenDirectory). It will most likely  
not work with AD, because AD stores group information inside user  
containers.

Use something like this in config.php:

$AuthUser['@editors'] =  get_ldap_values("cn=groups", "(cn=GROUP)",  
array("memberUid"));
$AuthUser['@admins'] =  get_ldap_values("cn=groups",  
"(cn=OTHERGROUP)", array("memberUid"));

$DefaultPasswords['edit'] = '@editors';
$DefaultPasswords['attr'] = '@editors';
$DefaultPasswords['upload'] = '@editors';
$DefaultPasswords['admin'] = array('@admins','id:ANOTHERUSER');

Thomas

-------------- next part --------------
A non-text attachment was scrubbed...
Name: archbook.php
Type: text/php
Size: 2891 bytes
Desc: not available
Url : /pipermail/pmwiki-users/attachments/20080116/072a1e22/attachment-0001.bin 
-------------- next part --------------





More information about the pmwiki-users mailing list