Last modified: 2014-02-12 23:38:32 UTC
I have successfully setup LdapAuthentication extension for my mediawiki site. The LDAP authentication works and I may notice that in my ldap.log. Here is my ldap setting in LocalSettings.php: $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array( 'DOM'); $wgLDAPServerNames = array( 'DOM' => 'ldap.example.my'); $wgLDAPSearchAttributes = array( 'DOM' => 'uid'); $wgLDAPBaseDNs = array( 'DOM' => 'ou=employee,dc=example,dc=com'); $wgLDAPEncryptionType = array( 'DOM' => 'tls'); $wgMinimalPasswordLength = 1; I then try to use set BaseDN to my alias group, is obviously the LdapAuthentication doesn't support alias deference: $wgLDAPBaseDNs = array( 'DOM' => 'ou=aliasgroup,dc=example,dc=com'); $wgLDAPOptions = array( 'DOM' => array( LDAP_OPT_DEREF => LDAP_DEREF_ALWAYS )); The $wgLDAPOptions doesn't seems to function. I attempt to trace the source LdapAuthentication.php and found in line 230: public static function ldap_search( $ldapconn, $basedn, $filter, $attributes=array(), $attrsonly=null, $sizelimit=null, $timelimit=null, $deref=null ) { There is a parameter $deref in function ldap_search. It seems that LdapAuthentication doesn't make use of $deref parameter. I change $deref=null to $deref=3 and the authentication via alias works without problem. Please enhance LdapAuthentication to support alias dereferencing. Thank you.
Marking this feature request as assigned, and assigning priority to normal.