Using eDirectory to control access to MediaWiki

From MicroFocusInternationalWiki
Revision as of 18:59, 5 March 2006 by Equill (Talk | contribs)

Jump to: navigation, search

The goal of this page is to configure MediaWiki to use eDirectory for user authentication. I will also explain how to configure authentication based on group membership.


Before we begin I am going to assume that you have the following configured:

  • MediaWiki 1.5+ Configured and running on Server (I'm working on another wiki right now that will detail the steps needed to get MediaWiki running on SLES 9
  • eDirectory installed and configured (I'm using eDirectory 8.8)

Here is how my servers are configured for reference

  • eDirectory Server has a DNS name of
  • wiki server has a DNS name of
  • eDirectory configuration
    • users are in ou=users,o=novell
    • created a group called wiki in the users OU


Download the latest version of the MediaWiki LDAP module from

The module is called LDAP_Authentication and is saved into your MediWiki directory.

I'm running on SLES, so my directory is /srv/www/htdocs/wiki


The LDAP_Authentication receives parameters from your localSettings.PHP to tell it how it should be configured and behave.

Here are my updates to my localSettings.PHP

require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "wikidemo" );
$wgLDAPServerNames = array( "wikidemo"=>""  );
$wgLDAPSearchStrings = array( "wikidemo"=>"cn=USER-NAME,ou=users,o=novell" );
$wgLDAPUseSSL = true;
$wgLDAPUseLocal = false;
$wgLDAPAddLDAPUsers = false;
$wgLDAPUpdateLDAP = false;
$wgLDAPMailPassword = false;
$wgLDAPRetrievePrefs = false;
$wgMinimalPasswordLength = 1;