{"id":23,"date":"2005-12-12T13:31:38","date_gmt":"2005-12-12T11:31:38","guid":{"rendered":"https:\/\/www.dont-panic.cc\/capi\/?p=23"},"modified":"2006-04-29T19:38:51","modified_gmt":"2006-04-29T18:38:51","slug":"tikiwiki-and-active-directory-integration","status":"publish","type":"post","link":"https:\/\/www.dont-panic.cc\/capi\/2005\/12\/12\/tikiwiki-and-active-directory-integration\/","title":{"rendered":"TikiWiki and Active Directory Integration"},"content":{"rendered":"<p>If you want to authenticate <a href=\"http:\/\/www.tikiwiki.org\">TikiWiki<\/a> agaist Microsoft Active Directory, have a look at <a href=\"http:\/\/tikiwiki.org\/tiki-view_faq.php?faqId=10&#038;comzone=hide\">this article<\/a>.<\/p>\n<p>The most interesting part in this posting is that if you are using a Windows 2003 Server, you need to patch the LDAP.php in the PEAR authentication module, as Win2k3 by default does not allow any anonymous queries against the directory.<\/p>\n<p>In <code>&lt;tikiroot&gt;\/lib\/pear\/Auth\/Container\/LDAP.php<\/code> search for the following line in function <code>_connect()<\/code>:<\/p>\n<blockquote><p><code>if ((@ldap_bind($this->conn_id)) == false) {<\/code><\/p><\/blockquote>\n<p>and replace it with<\/p>\n<blockquote><p><code>if ((@ldap_bind($this->conn_id,\"someuser\",\"somepassword\")) == false) {<\/code><\/p><\/blockquote>\n<p>Note, that someuser is in the form of <code>user@domain.tld<\/code>.<\/p>\n<p>I also recommend to choose to authenticate your admin user against the internal database and not the LDAP (AD) container, otherwise you will lock yourself out easily.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you want to authenticate TikiWiki agaist Microsoft Active Directory, have a look at this article. The most interesting part in this posting is that if you are using a Windows 2003 Server, you need to patch the LDAP.php in the PEAR authentication module, as Win2k3 by default does not allow any anonymous queries against &hellip; <a href=\"https:\/\/www.dont-panic.cc\/capi\/2005\/12\/12\/tikiwiki-and-active-directory-integration\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;TikiWiki and Active Directory Integration&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,10],"tags":[60,61,63,62],"class_list":["post-23","post","type-post","status-publish","format-standard","hentry","category-internet","category-sysadmin","tag-active-directory","tag-single-sign-on","tag-tikiwiki","tag-wiki"],"_links":{"self":[{"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/posts\/23","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/comments?post=23"}],"version-history":[{"count":0,"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/posts\/23\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/media?parent=23"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/categories?post=23"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dont-panic.cc\/capi\/wp-json\/wp\/v2\/tags?post=23"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}