> For some WIKIs that are running in our Intranet, I need to > authenticate our users using LDAP and the following two WIKI > groups: Readers (testgroup) and Writers (testgroup2). > Anonymous should not be able to read the WIKI pages. > my problem is, that using the syntax: > > $wgLDAPRequiredGroups = array( > "testLDAPdomain"=>array( > "cn=testgroup,ou=groups,dc=LDAP,dc=example,dc=com", > "cn=testgroup2,ou=groups,dc=LDAP,dc=example,dc=com" > ), > I cannot define different rights for users in the testgroup > than the users in the testgroup2 have. This mean, if a user > is in one of each two groups, he will always get the Writers access. > Can you please explain how I can define two groups, with > different rights (Readers & Writers)?
This is only part of what you want... You are limiting login to these specific groups, but you also need to synchronize your security groups. See: http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Group_based_ restrictions_.28NEW.29 http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Group_synchr onization http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Syncronizing _LDAP_groups_with_MediaWiki_security_groups http://www.mediawiki.org/wiki/Extension:LDAP_Authentication#Group_based_ login_restriction_configuration_options You'll also need to setup your MediaWiki groups as well: http://www.mediawiki.org/wiki/Manual:User_rights http://www.mediawiki.org/wiki/Manual:User_rights_management http://www.mediawiki.org/wiki/Manual:Preventing_access V/r, Ryan Lane _______________________________________________ MediaWiki-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
