For a new project I’m working on I’m once again looking at implementing a WordPress blog in a university setting. Specifically I’m working on a project proposal to introduce a website using the blogging platform provided by WordPress here in the Office of Research at Flinders University. I can’t give away too many of the details as yet.
One of the challenges in implementing WordPress in a university setting, or in any organisation I would imagine, is getting authentication right. Ideally what you need to do is integrate with the official authentication mechanisms. In this way a user can still us their existing user name and password and doesn’t have to rely upon one stored locally in the WordPress database. Thereby ensuring they have one user name and password to manage for as many of their services as possible.
To achieve this goal typically requires integration of WordPress with the organisations LDAP directory, or another directory type service that is accessible over LDAP such as Active Directory. This integration has been an issue in the past for me.
Fortunately this time the solution has been easy. I’ve successfully tested the WPDirAuth plugin. The plugin is primarily written by Stephane Daury, you can read more about the plugin on this page on his blog as well.
The plugin has worked extremely well and was very easy to implement. Two of the features I especially appreciate are the way it disables the standard password boxes in the profile page and replaces it with custom text, and the ability to add custom text to the WordPress login screen.
This plugin also marks the first time I’ve edited a plugin and sent the changes back to the developer. Essentially what I needed to do was not only authenticate a user using an LDAP directory. I had to ensure that they had a specific attribute set, with a specific value. The plugin code was well documented and it was relatively straight forward to make the changes. Hopefully the changes will make it into the next release.
I’ll try to post more about the project as it progresses.
Graduation! photo uploaded to the stock.xchng website by user a51media and found using the everystockphoto.com search engine.
January 29, 2008 at 10:28 am
When I was at UQ Library, we used Lyceum (a port of wordpress to a multiblog mode) and I had to really hack some LDAP plugin to make it work. Good to see some progress being made in that area.
January 29, 2008 at 4:56 pm
Haven’t looked too hard, taking lazy way out by asking you - does it work with WP Mu as well ?
January 29, 2008 at 5:21 pm
@ Kathryn,
I believe it does, I’ve seen some messages to the support group about WP Mu.
Other than that I can’t comment.
February 6, 2008 at 1:32 pm
@ Kathryn,
I had an opportunity to test the plugin under WordPress MU today. I can report that based on my testing it works as it does when used with the ordinary version of WordPress.
The only caveat is that in my testing I found it must be enabled separately for each blog in the system. Which is no real disadvantage as it gives you more flexibility.
February 7, 2008 at 10:19 am
[...] and was a must have plugin, was the WPDirAuth plugin for LDAP authentication that I’ve written about previously. Interestingly, now that the project has changed direction slightly, I don’t need [...]
February 7, 2008 at 10:07 pm
Hi
I am trying to get wordpress adopted as the blog platform in my company and everybody like what they see BUT I need to grant access my NT groups and do silent logins (ie do the login for them if there are found in the AD tree)
Can this be done?
Paul
February 8, 2008 at 8:39 am
@Paul,
Short answer is, I don’t know. I’m not attempting silent logins and I’m authenticating using an LDAP directory, not an Active Directory. I understand that the plugin will work with an Active Directory environment.
My recommendation is to ask this question of the support group.
May 9, 2008 at 1:37 am
Hi,
I’m trying to use the WPDirAuth plugin on WP 2.5 and it simple dont work. The blog dont recognize the users on my Active Directory.
Have you any idea to help us?
Juliotak
May 9, 2008 at 8:43 am
@Juliotak,
I believe you’ll need to use a patched version, more details are in this thread at the wpdirauth-dev Google Group.
Hope this helps.
May 30, 2008 at 10:27 am
[...] WordPress and LDAP authentication « Tech Explorer is I?ve successfully tested the WPDirAuth plugin. The plugin is primarily written by Stephane Daury, you can read more about the plugin on this page on his blog as well. The plugin has worked extremely well and was very easy to implement. [...]
June 18, 2008 at 12:46 am
I have installed the plugin wpdirauth in the wordpress folder and everything worked fine like creating new user account.
I am using IIS 6.0 on Windows Server 2003.
I dont know what to put in the field values for Base DN, bind DN, etc…
I am a newbie to active directory. Please guide me on this.
June 18, 2008 at 10:12 am
@Sunny,
I’ve never needed to use Active Directory so I don’t know what to put into those values.
My only recommendation is to ask this question of the support group.