Loading...
 
LDAP use in older Tiki versions

LDAP Pear::Auth Settings With LDAP version 3 And TikiWiki 1.9.7


You may have to explicitly set the version in TikiWiki 1.9.7 to get it to work with LDAP v3. If you are having problems, try the following:

Open userslib.php search for the following code around line 624:

$options["memberisdn"] = ($tikilib->get_preference("auth_ldap_memberisdn", "y") == "y");


Add the following lines right after this line:

$options["version"] = $tikilib->get_preference("auth_ldap_version", "3");

LDAP Pear::Auth Settings With Microsoft Active Directory Services (ADS) And TikiWiki 1.9.7

Essentially the LDAP settings to work with a Microsoft Active Directory Server are the same. However they won't work from the get-go without changing the userslib.php (valid for version 1.9.7)

Open /lib/userslib.php and search for the following code around line 624:

$options["memberisdn"] = ($tikilib->get_preference("auth_ldap_memberisdn", "y") == "y");


Add the following lines right after this line:

$options["binddn"] = $tikilib->get_preference("auth_ldap_adminuser", "");
$options["bindpw"] = $tikilib->get_preference("auth_ldap_adminpass", "");


These lines create the necessary binding for the ADS since by default it doesn't allow anonymous requests.

After that the following LDAP configuration settings do work with ADS:

  1. in the 'User registration and login' section, set 'Authentication method' to 'Tiki and PEAR::Auth'


In the 'PEAR::Auth' section set the following settings:

  1. set 'AUTH Type' to 'LDAP'
  2. set 'LDAP Host:' to the Active Directory server's name or IP address
  3. set 'LDAP Port:' to '389'
  4. leave 'BaseDSN' empty
  5. activate 'Create user if not in Tiki?'
  6. deactivate 'Create user if not in Auth?' (we do not want the user to be created in the LDAP dir)
  7. leave 'LDAP URL' empty
  8. set 'LDAP Scope:' to 'sub'
  9. set 'LDAP Base DN:' to the LDAP version of the domain name as it appears in 'Active Directory Users and Computers'. E.g., if the domain is called my-domain.local, set this to 'dc=my-domain,dc=local'. You might add an 'ou=yourorganizaonalunit' entry too. That depends on your config.
  10. leave 'LDAP User DN' empty
  11. set 'LDAP User Attribute:' to 'sAMAccountName'
  12. set 'LDAP User OC:' to '*'
  13. leave 'LDAP Group DN' empty
  14. set 'LDAP Group Attribute:' to 'cn'
  15. set 'LDAP Group OC:' to 'groupOfUniqueNames'
  16. set 'LDAP Member Attribute:' to 'uniqueMember'
  17. set 'LDAP Member Is DN::' to 'n'
  18. set 'LDAP Admin User Name' to 'cn=LDAPReader, cn=users, dc=my-domain, dc=local' - replace 'LDAPReader' with a username that is able to read the LDAP directory on ADS. Adjust the cn=, dc= settings accordingly.
  19. set 'LDAP Admin User Name' to the password of your LDAPReader user password.


Now you should be able to login. If you get a blank page after login make sure your PHP version is >=4.3.2 as this is required by the LDAP Pear module. After it works with these basic settings you can further refine the settings carefully if (for example) you only want a special group inside the LDAP directory have access to the TikiWiki.



Page last modified on Wednesday 14 May, 2008 13:49:45 GMT-0000

doc.tiki.org

Get Started

Admin Guide User Guide Bootstrap in Tiki

Keywords

Keywords serve as "hubs" for navigation within the Tiki documentation. They correspond to development keywords (bug reports and feature requests):

Accessibility (WAI and 508)
Accounting
Articles and Submissions
Backlinks
Banners
Batch
BigBlueButton audio/video/chat/screensharing
Blog
Bookmark
Browser Compatibility
Link Cache
Calendar
Category
Chat
Clean URLs
Comments
Communication Center
Compression (gzip)
Contacts (Address Book)
Contact us
Content Templates
Contribution
Cookie
Copyright
Credit
Custom Home and Group Home Page
Date and Time
Debugger Console
Directory of hyperlinks
Documentation link from Tiki to doc.tiki.org (Help System)
Docs
Draw
Dynamic Content
Dynamic Variable
External Authentication
FAQ
Featured links
File Gallery
Forum
Friendship Network (Community)
Gmap Google maps
Groups
Hotword
HTML Page
i18n (Multilingual, l10n, Babelfish)
Image Gallery
Import-Export
Install
Integrator
Interoperability
Inter-User Messages
InterTiki
Kaltura video management
Karma
Live Support
Login
Logs (system & action)
Look and Feel
Mail-in
Map with Mapserver
Menu
Meta Tags
Mobile Tiki and Voice Tiki
Mods
Module
MultiTiki
MyTiki
Newsletter
Notepad
Payment
Performance Speed / Load
Permissions
Platform independence (Linux-Apache, Windows/IIS, Mac, BSD)
Polls
Profiles
Profile Manager
Report
Toolbar
Quiz
Rating
Feeds
Score
Search engine optimization
Search
Search and Replace
Security
Semantic links
Shadowbox
Shadow Layers
Share
Shopping cart
Shoutbox
Slideshow
Smiley
Social Networks
Spam protection (Anti-bot CATPCHA)
Spellcheck
Spreadsheet
Stats
Surveys
Tags
Task
Tell a Friend, alert + Social Bookmarking
TikiTests
Theme CSS & Smarty
Trackers
Transitions
TRIM
User Administration including registration and banning
User Files
User Menu
Watch
WebDAV
Webmail
Web Services
Wiki History, page rename, etc
Wiki Syntax
Wiki structure (book and table of content)
Workspace
WSOD
WYSIWYCA
WYSIWYG
XMLRPC

Tiki Newsletter

Delivered fresh to your email inbox!
Newsletter subscribe icon
Don't miss major announcements and other news!
Contribute to Tiki