authLdap icon indicating copy to clipboard operation
authLdap copied to clipboard

Published 20 hours ago verified publisher icon heiglandreas

user creation does not appear to work in multisite

Open chaplina opened this issue 9 years ago • 5 comments

For WPMU, I believe an additional function needs to be called after wp_insert_user.

Reference here:

http://codex.wordpress.org/WPMU_Functions/add_user_to_blog

chaplina avatar Mar 06 '15 14:03 chaplina

OK, I'll have to dig into that. So you are using WP in a multisite environment? I'll have to set that one up and check it. I'll be back with you!

heiglandreas avatar Mar 06 '15 14:03 heiglandreas

Note that I'm not asking for functionality for the plugin to work in "Network Activate" mode (i.e. all blogs in the site use LDAP for authentication). But that would be nice IF it could be configured to try wordpress authentication if LDAP authentication did not work. The other required config would be locking down the LDAP settings so a blog admin could not change those settings.

This is the plugin we had been using but it is does not appear to be maintained:

http://wordpress.org/extend/plugins/simple-ldap-login/

This is a patch that was created to add multisite capabilities:

https://wordpress.org/support/topic/fixed-multisite-support-in-simple-ldap-login-plugin

BUT, I'm not sure if the create user worked as we never implemented that in our WPMU 3.3 instance (we are migrating to 4.1.1).

chaplina avatar Mar 06 '15 15:03 chaplina

So WPMU-Support would not be the main thing. When I get you right you'd be happy to see these features in this order:

  1. Use wordpress authentication if LDAP authentication doesn't work. That way special wordpressusers (like admins) can use wordpress even without LDAP. The question is whether that isn't more passwords to remember for the admins. As you could configure the plugin by only setting an LDAP-group for the admins and leave everything else except the default-role empty you could explicitly enable LDAP-based admins for the WP-site
  2. Enable WPMU-Support by adding a user to a certain blog on login. I'm not quite sure on how the blog is identified but I'll see to finding a solution to that one.
  3. Locking the LDAP settings should already be possible by adding the plugin as mu-plugin. That way - AFAIK - only site-admins can edit the config. But I'll check that one.

heiglandreas avatar Mar 06 '15 15:03 heiglandreas

With regards to 1: that does not help in a situation where LDAP authentication is failing for everyone :))

WRT 2: your statement is good so far

WRT 3: I learn something new everyday...did not know that about mu-plugins!

On 03/06/2015 10:46 AM, Andreas Heigl wrote:

So WPMU-Support would not be the main thing. When I get you right you'd be happy to see these features in this order:

  1. Use wordpress authentication if LDAP authentication doesn't work. That way special wordpressusers (like admins) can use wordpress even without LDAP. The question is whether that isn't more passwords to remember for the admins. As you could configure the plugin by only setting an LDAP-group for the admins and leave everything else except the default-role empty you could explicitly enable LDAP-based admins for the WP-site
  2. Enable WPMU-Support by adding a user to a certain blog on login. I'm not quite sure on how the blog is identified but I'll see to finding a solution to that one.
  3. Locking the LDAP settings should already be possible by adding the plugin as mu-plugin. That way - AFAIK - only site-admins can edit the config. But I'll check that one.

— Reply to this email directly or view it on GitHub https://github.com/heiglandreas/authLdap/issues/25#issuecomment-77580246.

chaplina avatar Mar 06 '15 16:03 chaplina

Fair point for missing LDAP! I'll see what I can do :wink:

heiglandreas avatar Mar 06 '15 16:03 heiglandreas