ScrewTurn Wiki 4 Releases and News
Screwturn Compatible Hosting – Click Here for 3 Months Free!
G+ Twitter          Search: »
Amanuens
ScrewTurn Wiki
Image
Image
Version3.0.2.534
Rating
DeveloperThreeplicate Srl
UpdatedMarch 9, 2010
HomepageN/A
Works withScrewTurn Wiki v3.0.x
LicenseGPLv2

More about this Plugin

The Active Directory plugin allows you to authenticate using your Active Directory credentials.

Configuration

The configuration string of the plugin must at least contain the mapping between ActiveDirectory groups and wiki groups in the form:

GroupMap=ActiveDirectoryGroup1:WikiGroup1
GroupMap=ActiveDirectoryGroup2:WikiGroup2

You can also map multiple wiki groups to the same AD group, for example:

GroupMap=ActiveDirectoryGroup1:WikiGroup1,WikiGroup2

Other configuration options are:
  • CommonGroups=wikigroup1[,WikiGroup2...]
    gives all AD users membership in common wiki groups (Users, etc.)
  • DefaultGroups=WikiGroup1[,WikiGroup2...]
    gives AD users with no wiki group membership default wiki groups (Users, etc.)
  • Domain=some.domain
    authenticates against the given domain (if not specified tries to resolve it from the local machine)
  • Server=somedomaincontroller.some.domain
    authenticates against the given server if the webserver is not joined to the domain (this is mutual exclusive with Domain=some.domain)
  • Username=someusername
    Password=somepassword
    queries Active Directory as the specified user on the domain
  • AutomaticMail=example.com
    In case the user doesn't have an email address in his ActiveDirectory profile, sets the email to a predefined value in the form displayname@example.com
  • CaseInsensitive
    login username is case insensitive.

To activate automatic login with your Active Directory credentials, you have to configure your IIS server to enable "Windows Authentication" and to disable "Anonymous Authentication". You have also to modify the web.config file and add the following string inside the <system.web> section:

<anonymousIdentification enabled="false" />
<authentication mode="Windows" />

If you are using IIS7, make sure to also disable Anonymous Identification and enable Windows Authentication at the website or web application level.

In Internet Explorer to avoid the username and password prompt, remember to add the wiki to the trusted sites list. This way IE sends authentication data automatically based on your current Windows account.



Discuss

DefaultEmail option incorrectWed, 01 Sep 2010 01:21 by Kelly Herald
When I try to use the DefaultEmail=server.com setting I kept getting the error "Invalid config key". When I looked into the source code I found that the setting should be AutomaticMail instead. Once I used that it was fine.
Re: DefaultEmail option incorrectWed, 01 Sep 2010 08:51 by Matteo Tomasini
I fixed it. Thank you very much!
How do you activate this provider?Mon, 13 Dec 2010 16:54 by Mike A.
It's enabled, but will not show up in the list of default providers. The web server is authenticating fine. I turned OFF anonymous, but when I get to the main page, I show up as 'Guest' instead of my active directory name. is there a step I'm missing?

Thanks,

Mike
Re: How do you activate this provider?Tue, 07 Aug 2012 12:54 by DaKo
Do you have any solution for this? I installed ActiveDirectoryProvider, it is enabled, but not showing up in the combobox for default providers.
Re: How do you activate this provider?Tue, 07 Aug 2012 14:50 by DaKo
Got it. Seems, that ADProvider is not a replacement for SqlProvider, but an enhancement. Simply turn it on, go to your wiki, and your Wiki account in Sql (classic) provider will be created automatically. So why it didn't work initially? Well, System Logs told the truth. Active Directory user profile must have an e-mail address defined. If not, Wiki will not create an underlying user for the domain account.
GroupMapThu, 24 Feb 2011 00:37 by David K
I have mapped my AD group membership to the groups in Screw Turn Wiki but when I log in as my AD account, I am denied from seeing any pages. It does pick up my name so I am pretty sure it is authenticating to the DC ok. I can go in to the Accounts Administration and give my AD account a group membership then it all works. Is the AD plugin supposed to automatically map the AD groups to STW groups? or do I need to explicitly set them in the Accounts section of Administrtion? here are my config settings for the AD provider:

Domain=fully.qualified.com (this is not the real domain) Server=adcdc01 DefaultGroups=Users GroupMap=IS_ThirdPartySoftware, IS Third Party Software, IS Web Admin:Administrators GroupMap=Domain Users:Users CaseInsensitive

thanks David K
Re: GroupMapWed, 10 Oct 2012 21:03 by Kevin F
Did you ever get this figured out? I am implementing STW into our organization, and am having the same issue as you with GroupMap. I am currently using DefaultGroups, but would love to get GroupMap working properly. Any help would be appreciated.

Thanks! Kevin F
Brute Force AttackTue, 01 Nov 2011 14:39 by ddag
Hi,

is there a mechanism build into prevent a brute force attack?
AD-verificationWed, 30 Nov 2011 15:11 by Zymos
When using AD-authentication and a person logs on for the first time it checks against the AD and you get your groups as you should but what happens if you change the AD-permission for that user and removes him from the group that is connected to Screwturn Wiki, does the plugin validate/update user-permissions daily or just at creation time?

If it's not updating as it is now, are there any future updates that have this on the 'to implement'-list?

/Z

  Name Size
- Plugin.png 4.26 KB

Side Projects

  • RESX Synchronizer allows to synchronize multi-language .resx files (used for the development of ScrewTurn Wiki).
  • Pixel Picker enables to pick the color of pixels on your screen — very handy for day-to-day graphics-related activities.

About

  • See our Privacy Policy.
  • Powered by ScrewTurn Wiki 3.0.5.613.
  • This namespace contains 45 pages.