Setup On Premise LDAP Gateway and Plugin



Pre-Requisites


What is miniOrange LDAP Gateway?

miniOrange LDAP Gateway is a small piece of software that can reside on a shared machine. It allows users to log in to publicly or privately hosted sites using credentials stored in Active Directory, OpenLDAP and other LDAP servers. If the LDAP server is not publicly accessible from your site, this module can be used in conjunction with the miniOrange LDAP Gateway, which is deployed on the DMZ server in the intranet.
Another benefit of this module is that multiple LDAP configurations can be stored for multiple users of a WordPress-based shared hosting or cloud service provider, and mapping to the username can be done on the basis of the domain name.
This gateway can be deployed on your own server or on a domain controller. All login requests made by the miniOrange LDAP/AD Shared Hosting plugin are sent over HTTP/HTTPS to miniOrange Cloud IDP, which forwards them to the LDAP Gateway.


When to Use miniOrange LDAP Gateway?

If your site is hosted on a shared hosting platform like Bluehost, Dreamhost, Flywheel, etc. and either of the following applies:

  • You are unable to install and enable the PHP extension.
  • You want to connect over LDAPS and a server restart is not possible.

Then you can go with the LDAP Integration for Shared Hosting Environment plugin. This plugin works over HTTP API calls to miniOrange servers, and from miniOrange servers to your Active Directory server. The LDAP configuration will be stored on a miniOrange cloud-based identity provider.



Workflow for architecture diagram

  • When a WordPress user enters LDAP credentials on the login page of the WordPress website, the miniOrange Cloud Plugin sends an HTTP/HTTPS login request to miniOrange Cloud IDP.
  • miniOrange Cloud IDP forwards this HTTP/HTTPS request to the miniOrange LDAP Gateway.
  • In the next step, the miniOrange LDAP Gateway sends LDAP authentication requests to the LDAP/AD Server.
  • Once authentication is done, the LDAP response is sent from the LDAP/AD Server back to the miniOrange LDAP Gateway.
  • This response is forwarded from the LDAP Gateway to miniOrange Cloud IDP.
  • If the authorization is successful, an HTTP/HTTPS response is sent to the miniOrange Cloud Plugin and the user is logged in.

Note: All LDAP server information, such as the LDAP URL, Bind Account DN and password, is stored in the miniOrange LDAP Gateway.


To set up the miniOrange LDAP Gateway, click here.

Connect miniOrange Cloud to Gateway


Step 1: Log in to miniOrange Gateway

  • Log in to Xecurify.com using your registered login credentials.

Step 2: Connect miniOrange Cloud to Gateway

  • Log in to the miniOrange dashboard from the Admin Console.
  • From the left side menu, click on External Directories >> Add Directory.
  • Select User Store type as AD/LDAP.
  • Select the STORE LDAP CONFIGURATION ON PREMISE option.
  • Enable the I have downloaded, installed and configured the miniOrange gateway checkbox.
  • Enter the LDAP Display Name and LDAP Identifier name.
  • Select Directory Type as Active Directory.
  • Configure the Gateway URL. Select the appropriate protocol, either HTTP or HTTPS, from the dropdown and enter the public URL of the deployed Gateway. E.g. localhost:8080/miniorangegateway.
  • Enable the Activate LDAP checkbox.
  • Click on Save.
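
A pre-flight check for the Gateway URL entered in this step, as an added example (not miniOrange code); the function name and finding codes are hypothetical, and the check inspects only the URL text without contacting the gateway. It flags a missing TLS layer on the hop from miniOrange Cloud IDP to the gateway, and hosts such as localhost or private addresses that the cloud IDP cannot reach.

```python
import ipaddress
from urllib.parse import urlsplit


def check_gateway_url(protocol, address):
    """Return (code, message) findings for a Gateway URL.

    protocol: the dropdown choice, "HTTP" or "HTTPS".
    address:  the host[:port]/path field, e.g. localhost:8080/miniorangegateway.
    Finding codes are hypothetical names used only in this example.
    """
    proto = protocol.strip().lower()
    if proto not in ("http", "https"):
        return [("bad-protocol", f"expected HTTP or HTTPS, got {protocol!r}")]
    parts = urlsplit(f"{proto}://{address.strip()}")
    host = parts.hostname
    if not host:
        return [("no-host", "Gateway URL has no host name")]

    findings = []
    if proto == "http":
        findings.append(("no-tls", "login requests from the cloud IDP to the "
                         "gateway travel without TLS"))
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None  # a DNS name; it is not resolved, so the check stays offline
    is_loopback_ip = ip is not None and ip.is_loopback
    if host == "localhost" or host.endswith(".localhost") or is_loopback_ip:
        findings.append(("loopback-host", "resolves to the machine making the "
                         "request, not to the deployed gateway"))
    elif ip is not None and (ip.is_private or ip.is_link_local):
        findings.append(("private-address", "not routable from the internet, so "
                         "the cloud IDP cannot reach it directly"))
    return findings


if __name__ == "__main__":
    # Constructed inputs; the first is the example value from the step above.
    for proto, addr in [("HTTP", "localhost:8080/miniorangegateway"),
                        ("HTTPS", "gateway.example.com/miniorangegateway"),
                        ("HTTPS", "10.0.0.5:8443/miniorangegateway")]:
        print(proto, addr, check_gateway_url(proto, addr))
```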

Step 3: Test Connection From Cloud to AD

  • Log in to the miniOrange dashboard from the Admin Console.
  • From the left side menu, click on External Directories.
  • A list of all the configured user stores will be visible. Click on the Select link of the configuration that was set up in Step 2.
  • Click on the Select >> Make Default option from the dropdown list.
  • Again click on Select >> Test-Connection from the dropdown list.
  • Enter the Username and Password. Click on the Test button to test the connection. On a successful connection it will show the message Connection to LDAP was successful.

Configure miniOrange LDAP/AD Login for Shared Hosting Plugin


Step 1: Register/Login with miniOrange

  • Log in to WordPress and open the LDAP/AD Login for Shared Hosting Plugin. Click on Register or Login with miniOrange.
  • Click on the already have an account button.
  • Enter the user Email and Password and click on the login button.

Step 2: Plugin Configuration

  • The user is now logged in to their miniOrange account. Click on the Plugin Configuration button to configure the plugin.
  • Select Use miniOrange LDAP Gateway and enter the username and password. Click on the Test Authentication button to test user authentication.
  • On successful authentication the following message will be shown.

Step 3: Role Mapping

  • Click on Role Mapping.
  • Enter LDAP Group Name and select WordPress Role from the dropdown list.
  • Enter LDAP Group Attributes Name.
  • Check Enable Role Mapping.
  • Click on the Save Mapping button.

Test Role Mapping Configuration

  • To test the role mapping configuration, enter the Username.
  • Click on the Test Configuration button.
  • If the configuration is successful, a Test Successful popup will be shown.

Step 4: Attribute Mapping

  • Click on Attribute Mapping.
  • To add custom attributes, enter the attribute name in the Custom Attribute Name field.
  • To add more custom attributes, click on the + button.
  • Click on the Save Configuration button to save the attributes.
  • To enable the added attributes, check the Enable Attribute Mapping button.

Step 5: Setup Sign-In Settings

  • To configure the settings for logging in to the WordPress site with LDAP credentials, click on Sign-In Settings.
  • Enable LDAP login: This option is disabled by default. You can enable LDAP login once you are done with the "Test Connection & Save" in LDAP Connection Information.
  • Authenticate users from both LDAP and WordPress: This option allows users to use either WordPress credentials or LDAP credentials to log in to the WordPress site.
  • Redirect after authentication: By default it is "None". You can set the redirect option for users after they log in to the WordPress site to "Home Page", "Profile Page" or "Custom Page".
  • Enable Auto Registering users if they do not exist in WordPress: This option is enabled by default and allows users to be registered in WordPress after they log in to the WordPress site with LDAP credentials.
  • Protect all website content by login: You can protect the website content by enabling this option. Users will need to enter their LDAP credentials when accessing any page of the WordPress site.
