plugin:authad
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
plugin:authad [2017-07-28 07:41] – 76.178.145.97 | plugin:authad [2024-01-18 21:06] (current) – [Server Configuration] added Nginx to the other list to correct the sentence. 69.128.51.162 | ||
---|---|---|---|
Line 6: | Line 6: | ||
email : andi@splitbrain.org | email : andi@splitbrain.org | ||
type : Auth | type : Auth | ||
- | lastupdate : 2014-04-03 | + | lastupdate : 2023-04-04 |
compatible : (bundled) | compatible : (bundled) | ||
depends | depends | ||
conflicts | conflicts | ||
similar | similar | ||
- | tags : !bundled, authentication | + | tags : !bundled, authentication, ad |
downloadurl: | downloadurl: | ||
- | bugtracker : # eg. https:// | + | bugtracker : # eg. https:// |
- | sourcerepo : https:// | + | sourcerepo : https:// |
donationurl: | donationurl: | ||
---- | ---- | ||
Line 30: | Line 30: | ||
Before this plugin can be used, you need to setup some settings: | Before this plugin can be used, you need to setup some settings: | ||
- Prepare your AD server, see also [[#server configuration]] below. | - Prepare your AD server, see also [[#server configuration]] below. | ||
- | - Activate the authad plugin in the [[plugin|Plugin | + | - Activate the authad plugin in the [[plugin:extension|Extension |
- Define connection details in the [[config|Configuration Manager]] | - Define connection details in the [[config|Configuration Manager]] | ||
- Switch on this Auth plugin via the configuration option [[config: | - Switch on this Auth plugin via the configuration option [[config: | ||
Line 43: | Line 43: | ||
===Apache=== | ===Apache=== | ||
- | If you're using Apache on Ubuntu or Debian, just install the '' | + | If you're using Apache on Ubuntu or Debian, just install the '' |
Line 63: | Line 63: | ||
===Other=== | ===Other=== | ||
- | If you're using a web server other than Apache or IIS7, you have to figure it out yourself. :( Please update this article if you succeed. | + | If you're using a web server other than Apache, Nginx, |
===== Configuration===== | ===== Configuration===== | ||
Line 120: | Line 120: | ||
==Other options== | ==Other options== | ||
- | Any other options given in '' | + | Any other options given in '' |
In combination with Single-Sign-On, | In combination with Single-Sign-On, | ||
Line 147: | Line 147: | ||
</ | </ | ||
+ | ==A few caveats== | ||
+ | * account suffix is always added to admin username, even when it already contains @ character | ||
+ | * different suffix for admin and normal accounts is not supported | ||
+ | * empty account suffix, that is entering usernames with suffix, is not supported | ||
===== User Profile and Password Changes ===== | ===== User Profile and Password Changes ===== | ||
- | Users can change their user details (name, email and passwords) using the profile button. This may require to set up a privileged user through the '' | + | Users can change their user details (name, email and passwords) using the profile button. This may require to set up a privileged user through the '' |
Please note that DokuWiki' | Please note that DokuWiki' | ||
Line 188: | Line 192: | ||
- Click " | - Click " | ||
- Click " | - Click " | ||
+ | - Right-click " | ||
{{: | {{: | ||
Line 330: | Line 335: | ||
klist | klist | ||
kdestroy | kdestroy | ||
- | (If you get any errors here, make sure your DNS setup is working and you wrote all marked as " | + | </ |
- | - Create a keytab file for your DokuWiki server. Make sure you have created a non-admin user in Active Directory with no password expiration. Run this as a Domain Admin on a Windows server with Support Tools installed:< | + | - Create a keytab file for your DokuWiki server. Make sure you have created a non-admin user in Active Directory with no password expiration. Run this as a Domain Admin on a Windows server with Support Tools installed: < |
- If no errors occurred, copy the keytab file to / | - If no errors occurred, copy the keytab file to / | ||
+ | - Check if authentication via the keytab file works < | ||
+ | kinit -k -t / | ||
+ | kdestroy | ||
+ | </ | ||
- Create / | - Create / | ||
< | < | ||
Line 385: | Line 394: | ||
Some plug-ins may not gracefully work once you've switched over to the ad auth backend. Specifically, | Some plug-ins may not gracefully work once you've switched over to the ad auth backend. Specifically, | ||
- | Due to [[http:// | + | Due to [[http:// |
plugin/authad.1501220519.txt.gz · Last modified: 2017-07-28 07:41 by 76.178.145.97