Prerequisite
To download the LDAP/AD Login for Intranet Sites premium plugin. Login to your miniOrange Admin Console.
Navigate to License >> Manage License >> Plugin Releases and Downloads. Download the plugin zip file.
From your WordPress dashboard
After successful activation you will see the Icon of LDAP/AD plugin in the menus displayed on the left side on your admin dashboard. Click on the Icon to open LDAP/AD plugin configuration. Click on Register or Login with miniOrange link as shown in the below screenshot.
In Login/Register tab, Enter your miniOrange account credentials which you have used at the time of the plugin purchase. Click on the Save button.
After successful login, following license verification screen will be displayed. Goto License->Manage License section in your miniOrange account dashboard. Click on the View License Key button and Copy the license key. Enter the copied license key in the License Key text field as shown in the below screenshot. Click on the Activate License button.
Once the license is activated successfully. You can now proceed with the plugin configuration.
LDAP Server URL: Specify the host name for the LDAP server.
eg: ldap://myldapserver.domain:389, ldap://12.12.112.1:389,
When using SSL, the host may have to take the form ldaps://host:636.
Service Account DN: This service account will be used to establish the connection with LDAP server. Specify the Service Account DN (distinguished Name) of the LDAP server.
Service Account Password: Password for the Service Account in the LDAP Server.
Once the connection is successfully made with your LDAP server then go to the LDAP user mapping configuration.
Serach Conditions: You can configure either of the two options.
Username Attribute: Enter the LDAP Username Attribute. You will need to enter the username during LDAP login based on the username attribute configured.
eg. sAMAcoountName, mail, userPrincipalName
Custom Search Filter: You can also enable Enable Custom Search Filter to write your own custom search filter.
eg. (&(objectClass=*)(mail=?)), (&(objectClass=*)(|(samaccountname=?)(mail=?)))
After successful user mapping, you can perform test authentication to verify whether the LDAP Authentication is working fine or not by entering the username and password of any LDAP user account.
Enable LDAP login: This option is disabled by default. You can enable LDAP login once you are done with the "Test Connection & Save" in LDAP Connection Information.
Authenticate users from both LDAP and WordPress: This option allows users to use either of WordPress credentials or LDAP credentials to login in WordPress site. By default it is "Only Administrators". You can enable this option for "Only Administrators" or "All Users". If you dont want users to use wordpress password you can select "None".
Redirect after authentication: By default it is "None". You can select redirect option for users after login into wordpress site to "Home Page", "Profile Page", "Custom Page".
Enable Auto Registering users if they do not exist in WordPress: This option is enabled by default and allow the users to register in WordPress after they login into the WordPress site with LDAP credentials.
Protect all website content by login: You can protect the website contents by enabling this option. The users will need to enter their LDAP credentials while accessing any page of WordPress site.
After successful "Test Authentication". Naviagte to Role Mapping tab to map the users of LDAP groups with WordPress roles.
LDAP Groups to WP User Role Mapping: Enter the LDAP group distinguished name in LDAP Group Name and select the WordPress role you want to assign for the members of that group.
LDAP Group Attributes Name: Specify attribute which stores group names to which LDAP Users belong. Click on Save Mapping
Test Role Mapping Configuration: Enter the username of the LDAP user which is a member of one of the specified LDAP groups.
Click on Test Configuration. A new window will open where you can see the results for test role mapping.
Note: WordPress roles will be assigned to the user only after LDAP Login in WordPress site.
Navigate to Attribute Mapping tab and configure the basic LDAP attributes. You can also add extra LDAP user attributes in Add Custom Attributes section.
Enable Attribute Mapping: This option allows to map LDAP user attributes to WordPress user profile attributes after LDAP login.
Enable updating information in LDAP when user edits profile: The option is visible only after the "Enable Attribute Mapping" option is enabled. This option allows you to update the user attributes in LDAP after updating WordPress user profile.
Test Attribute Configuration: Enter the username of any LDAP user for which you want to test attribute mapping.
Note: Attribute mapping from LDAP to WordPress user profile will be performed only after LDAP Login in WordPress site.
If you dont find what you are looking for, Please contact us at info@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about LDAP Advanced Role Mapping Premium Plugin.