Legido Wiki

User Tools

Site Tools

Trace:
informatica:linux:mediawiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
informatica:linux:mediawiki [2013/08/27 11:28] – [Envio de correos] javiinformatica:linux:mediawiki [2013/08/29 10:44] – [Restringir login en funcion del grupo] javi
Line 161: Line 161:
   sudo /etc/init.d/apache2 restart   sudo /etc/init.d/apache2 restart
      
 +==== Restringir login en funcion del grupo ====
 +
 +  * En este ejemplo ademas tomamos el e-mail de LDAP
 +  * Grupo LDAP requerido: "ldapwiki"
 +  * Usuario LDAP de ejemplo: "LDAP_USER_1"
 +
 +1. Objetos LDAP:
 +
 +<code>
 +# LDAP user
 +dn: cn=LDAP_USER_1,ou=people,dc=example,dc=com
 +cn: LDAP_USER_1
 +gidnumber: 10001
 +givenname: Name
 +homedirectory: /home/LDAP_USER_1
 +loginshell: /bin/bash
 +mail: LDAP_USER_1@example.com
 +objectclass: inetOrgPerson
 +objectclass: posixAccount
 +objectclass: top
 +sn: Surename
 +uid: LDAP_USER_1
 +uidnumber: 10001
 +userpassword: ******
 +
 +# LDAP group
 +dn: cn=ldapwiki,ou=groups,dc=example,dc=com
 +cn: ldapwiki
 +gidnumber: 10004
 +memberuid: LDAP_USER_1
 +memberuid: LDAP_USER_2
 +objectclass: posixGroup
 +objectclass: top
 +</code>
 +
 +2. Configuracion mediawiki (archivo "Localsettings.php"):
 +
 +<code>
 +# LDAP
 +require_once 'extensions/LdapAuthentication/LdapAuthentication.php';
 +require_once 'includes/AuthPlugin.php';
 +$wgAuth = new LdapAuthenticationPlugin();
 +$wgLDAPDomainNames = array(
 +  'openldap_example_com',
 +);
 +$wgLDAPServerNames = array(
 +  'openldap_example_com' => 'ldap.example.com',
 +);
 +$wgLDAPUseLocal = false;
 +$wgLDAPEncryptionType = array(
 +  'openldap_example_com' => 'tls',
 +);
 +$wgLDAPPort = array(
 +  'openldap_example_com' => 389,
 +);
 +$wgLDAPProxyAgent = array(
 +  'openldap_example_com' => 'cn=readonly,dc=example,dc=com',
 +);
 +$wgLDAPProxyAgentPassword = array(
 +  'openldap_example_com' => '*****',
 +);
 +$wgLDAPSearchAttributes = array(
 +  'openldap_example_com' => 'uid'
 +);
 +$wgLDAPBaseDNs = array(
 +  'openldap_example_com' => 'dc=example,dc=com',
 +);
 +# To pull e-mail address from LDAP
 +$wgLDAPPreferences = array(
 +  'openldap_example_com' => array( 'email' => 'mail')
 +);
 +# Group based restriction
 +$wgLDAPGroupUseFullDN = array( "openldap_example_com"=>false );
 +$wgLDAPGroupObjectclass = array( "openldap_example_com"=>"posixgroup" );
 +$wgLDAPGroupAttribute = array( "openldap_example_com"=>"memberuid" );
 +$wgLDAPGroupSearchNestedGroups = array( "openldap_example_com"=>false );
 +$wgLDAPGroupNameAttribute = array( "openldap_example_com"=>"cn" );
 +$wgLDAPRequiredGroups = array( "openldap_example_com"=>array("cn=ldapwiki,ou=groups,dc=example,dc=com"));
 +$wgLDAPLowerCaseUsername = array(
 +  'openldap_example_com' => true,
 +);
 +</code>
 ===== Reducir el numero de encabezados que genera un TOC (Table Of Contents) ===== ===== Reducir el numero de encabezados que genera un TOC (Table Of Contents) =====
  
informatica/linux/mediawiki.txt · Last modified: 2015/04/13 20:19 by 127.0.0.1