LDAP/Active Directory Login for Intranet Sites Premium Plugin provides login to WordPress using credentials stored in your LDAP Server. It allows users to authenticate against various LDAP implementations like Microsoft Active Directory, OpenLDAP and other directory systems.
Login to your miniOrange Admin Console using the account you used to make the payment.
Goto License section and click on Manage License.
Goto Releases and downloads section to download the plugin/add-on.
To activate the licence key in the plugin, follow the instructions below.
Click on Login with miniOrange account link as shown in the below screenshot.
Enter your miniOrange account credentials which you have used at the time of the plugin purchase and then click on the Verify button.
To get license key, login to your miniOrange Admin Console, goto License->Manage License. Click on the View License Key button and then Copy the license key.
Enter the license key in the License Key text field as shown in the below screenshot and then click on the Activate License button.
Once the license is activated successfully. You can now proceed with the plugin configuration.
LDAP Connection Information
Select Your Directory Server : You can select Microsoft Active Directory, OpenLDAP and other directory server.
LDAP Server : Select ldap or ldaps from the above dropdwon list. Specify the host name for the LDAP server in the above text field. Edit the port number if you have custom port number
Service Account DN : The connection to the LDAP server will be established using the service account. You can also specify the LDAP user in the either way as follows Username@domainname or Distinguished Name(DN) format
Service Account Password : Password for the Service Account in the LDAP Server.
LDAP User Mapping Information
Search Base : Click on Possible Search Bases/Base DNs button to get a list of all OU's in the LDAP Server and select them.
Alternatively, Provide the distinguished name of the Search Base object. If you have users in different locations in the directory(OU's), separate the distinguished names of the search base objects by a semi-colon(;).
Search Conditions : You can configure either of the two options.
Username Attribute : Select the LDAP Username Attribute. You will need to enter the username during LDAP login based on the username attribute configured.
eg. sAMAcoountName, mail, userPrincipalName
Custom Search Filter : You can also enable Enable Custom Search Filter to write your own custom search filter.
eg. (&(objectClass=*)(mail=?)), (&(objectClass=*)(|(samaccountname=?)(mail=?)))
After successful user mapping, you can perform test authentication to verify whether the LDAP Authentication is working fine or not by entering the username and password of any LDAP user account.
Sign-In-Settings Information
Enable LDAP login : This option allows you to login in WordPress site with LDAP credentials, This option is disabled by default. You can enable LDAP login once you are done with the "Test Connection & Save" in LDAP Connection Information.
Authenticate users from both LDAP and WordPress : This option allows users to use either of WordPress credentials or LDAP credentials to login in WordPress site. By default it is "Only Administrators". You can enable this option for "Only Administrators" or "All Users". If you dont want users to use wordpress password you can select "None".
Redirect after authentication: By default it is "None". You can select redirect option for users after login into wordpress site to "Home Page", "Profile Page", "Custom Page".
Enable Auto Registering users if they do not exist in WordPress: This option is enabled by default and allow the users to register in WordPress after they login into the WordPress site with LDAP credentials.
Protect all website content by login: You can protect the website contents by enabling this option. The users will need to enter their LDAP credentials while accessing any page of WordPress site.
Role Mapping Information
Enable Role Mapping : Enabling Role Mapping will automatically map Users from LDAP Groups to below selected WordPress Role. Role mapping will not be applicable for primary admin of WordPress.
Do Not Remove Existing Roles Of Users : This feature allows you to keep the existing WordPress role and assign new WordPress roles upon ldap login.
Enable Fetching Of Nested Groups : This feature allows to fetch the nested ldap groups from Active Directory.
Default Role : Default role will be assigned to all users for which mapping is not specified.
Configure Role Mapping : Provide the Search Base DN which contains the LDAP security groups information and Click on Show Groups button. You will see the list of ldap groups, select the multiple WordPress role and click on plus button and then click on Save the mapping.
LDAP Group Attributes Name : Specify the ldap attribute which contains group membership information.
Test Role Mapping Configuration : Enter the username of the LDAP user which is a member of one of the specified LDAP groups.
Click on Test Configuration. A new window will open where you can see the results for test role mapping.
Note: WordPress roles will be assigned to the user only after LDAP Login in WordPress site.
Attribute Mapping Information
Enable Attribute Mapping : This option allows to map LDAP user attributes to WordPress user profile attributes after LDAP login.
Enable updating information in LDAP when user edits profile : The option is visible only after the "Enable Attribute Mapping" option is enabled. This option allows you to update the user attributes in LDAP after updating WordPress user profile.
Add Custom Attributes : You can map custom attributes as well, Enter LDAP attributes which you wish to be included in the user profile
Test Attribute Configuration : Enter the username of any LDAP user for which you want to test attribute mapping.
Note: Attribute mapping from LDAP to WordPress user profile will be performed only after LDAP Login in WordPress site.
Configure Settings
Here you can export the plugin configuration from the staging or testing site with or without the password, and then import it into your production or live site.
Authentication Report
Keep User Report table on Uninstall : Keep User Report table on Uninstall feature allows you to keep users logging reports even after uninstalling the plugin.
Log Authentication Requests : You can track the login activity of the individual LDAP users in the WordPress site
If you dont find what you are looking for, Please contact us at info@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about LDAP/AD Login for Intranet Sites Premium Plugin.
Need Help? We are right here!
