Im currently running into some issues trying to set up my ldapprovider.json config.
The mediawiki works with pure LDAP - everyone can login and it works. Now i want only a certain LDAP Group to login and i cant get my head around it...
My ldapprovider.json:
<code>
1 {
2 "intern.goetel.de": {
3 "connection": {
4 "server": "our-dc-controller",
5 "user": "ldap-user",
6 "pass": "password",
7 "options": {
8 "LDAP_OPT_DEREF": 1
9 },
10 "basedn": "ou=container, dc=domain,dc=tld",
11 "groupbasedn": "dc=domain,dc=tld",
12 "userbasedn": "dc=domain,dc=tld",
13 "searchattribute": "samaccountname",
14 "usernameattribute": "samaccountname",
15 "realnameattribute": "cn",
16 "emailattribute": "mail",
17 "grouprequest": "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory"
18 },
19 "authorization": {
20 "rules": {
21 "groups": {
22 "required": ["CN=groupname,OU=OUname,OU=OUname,DC=goetel,DC=de"]
23 }
24 }
25 }
26 }
27 }
</code>
I don´t get any errors. Everyone can still login, doesn´t matter if they´re in that Group or not...
Can someone help me in this?