[Stephen Klein]

Hi,

 

I am looking to deploy a simple Commons in a Box multi-site install with use of the Simple LDAP plugin.

Essentially, I want to configure, so that anyone who logins via LDAP is automatically registered and allowed to create a site/blog.

But performed various installations and do not seem to have gotten the order correct to allow for this functionality.

For starters, my assumption is that I need to have the simple LDAP plugin installed first, then setup multi-site and then the Commons?

Proceeding forward, I will probably ask you further questions. Thank you.

 

[Jared Bennett]

I’m not an LDAP expert by any stretch, but we did have LDAP configured for authentication before we moved our server off-site and opted for SAML instead. I know what was configured on the WP side as far as workflow is concerned

The order of install doesn’t really matter. Get your site set up with Multisite and the CBOX setup. You always want to be able to log in as the admin using the core functionality, so that if the LDAP service fails, as the admin you can still log in and triage issues.

I was never able to find an LDAP plugin that worked on Multisite, so I had the plugin active only on the main site and forced users to enter through the main domain, even if they were headed to their own subsite on the multisite install. Alternatively if you are syncing the LDAP password from your system over to WP (I’m not familiar with Simple LDAP, but some plugins offer this), then after they initially log in and their profile is created, their username and password will work on all the subsites. There are probably some security issues here you should be aware of if the reason you are trying to set up LDAP is to keep your passwords securely managed in one location, this sync defeats that.

[Stephen Klein]

Thanks, Jared.

[Author]

Posts