LDAP Auth Plugin: freeIPA / Enterprise IPA RHEL Examples

Below are example configurations for use with the authLDAP plugin and the freeIPA server. The freeIPA server is also the basis for Red Hat Enterprise Linux Enterprise IPA and the examples should work on both systems.

Tip: Create a group named “wiki-admins” on the IPA server and assign it to users. They will then be given superuser access to DokuWiki. That way you do not have to add a user to the global “admin” group on the IPA server.

PS: I have not gotten DokuWiki to work with TLS enabled.

Use the Config Manager, or add the settings to conf/local.protected.php (create the file if it does not exist) to keep the configuration protected.

freeIPA / Enterprise IPA on Red Hat Enterprise Linux

conf/local.protected.php
<?php
$conf['authtype'] = 'authldap';
$conf['superuser'] = '@wiki-admins';
$conf['plugin']['authldap']['server'] = 'ldaps://ipa.example.com';
$conf['plugin']['authldap']['port'] = 636;
$conf['plugin']['authldap']['usertree'] = 'cn=users,cn=accounts,dc=example,dc=com';
$conf['plugin']['authldap']['grouptree'] = 'cn=groups,cn=accounts,dc=example,dc=com';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))';
$conf['plugin']['authldap']['groupfilter'] = '(&(member=%{dn})(objectClass=posixGroup))';
$conf['plugin']['authldap']['version'] = '3';

If the settings don't work and you want to go back to local authentication, simply comment out the first line, like this:

//$conf['authtype'] = 'authldap';
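
How the two filters and the superuser setting in the configuration above fit together, as an added example that is not part of the original page or of DokuWiki's code: a small offline model that expands the %{user} and %{dn} placeholders, runs both searches against a constructed directory, and checks the result against @wiki-admins. It assumes placeholder values are escaped per RFC 4515 and that the group name is taken from cn; the directory entries and function names are made up for illustration.

```python
import re

# Filter and superuser values copied from the configuration on this page.
USERTREE = 'cn=users,cn=accounts,dc=example,dc=com'
GROUPTREE = 'cn=groups,cn=accounts,dc=example,dc=com'
USERFILTER = '(&(uid=%{user})(objectClass=posixAccount))'
GROUPFILTER = '(&(member=%{dn})(objectClass=posixGroup))'
SUPERUSER = '@wiki-admins'

# Constructed sample directory (not real IPA data): DN -> attributes.
ALICE, BOB = f'uid=alice,{USERTREE}', f'uid=bob,{USERTREE}'
DIRECTORY = {
    ALICE: {'uid': ['alice'], 'objectClass': ['posixAccount']},
    BOB: {'uid': ['bob'], 'objectClass': ['posixAccount']},
    f'cn=wiki-admins,{GROUPTREE}': {
        'cn': ['wiki-admins'], 'objectClass': ['posixGroup'], 'member': [ALICE]},
    f'cn=ipausers,{GROUPTREE}': {
        'cn': ['ipausers'], 'objectClass': ['posixGroup'], 'member': [ALICE, BOB]},
}

def escape(value):
    """RFC 4515 escaping, so a login name cannot change the filter's shape."""
    return ''.join('\\%02x' % ord(c) if c in '\\*()\0' else c for c in value)

def expand(template, **values):
    """Fill %{name} placeholders with escaped values (assumed behaviour)."""
    return re.sub(r'%\{(\w+)\}', lambda m: escape(values[m.group(1)]), template)

def search(tree, ldap_filter):
    """Return DNs under tree that satisfy an AND-of-equalities filter."""
    terms = [(attr, re.sub(r'\\([0-9a-f]{2})', lambda m: chr(int(m.group(1), 16)), val))
             for attr, val in re.findall(r'\(([^=()&]+)=([^()]*)\)', ldap_filter)]
    return [dn for dn, attrs in DIRECTORY.items() if dn.endswith(',' + tree)
            and all(val.lower() in (x.lower() for x in attrs.get(attr, []))
                    for attr, val in terms)]

def resolve(user):
    """Return (dn, groups, is_superuser) for a login name."""
    hits = search(USERTREE, expand(USERFILTER, user=user))
    if len(hits) != 1:          # unknown or ambiguous login: no access
        return None, [], False
    groups = sorted(DIRECTORY[g]['cn'][0]
                    for g in search(GROUPTREE, expand(GROUPFILTER, dn=hits[0])))
    return hits[0], groups, SUPERUSER.lstrip('@') in groups

if __name__ == '__main__':
    for name in ('alice', 'bob', '*'):
        print(name, resolve(name))
```

Run directly, it shows alice resolving to ipausers and wiki-admins (superuser), bob to ipausers only, and the login name * matching nobody because the asterisk is escaped before it reaches the filter.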