Posts Tagged ‘ slapd

Set up WordPress to Authenticate via LDAP

This guide assumes that you already have both a working WordPress site and a working LDAP server using slapd. I used this Digital Ocean LDAP server setup guide. Obviously if your settings are different this guide may not work.

Get the Simple LDAP Login Plugin

Get the Simple LDAP Login plugin here and enable it in wordpress.

Basic Settings

Go to Settings -> Simple LDAP Login. Check the “Enable LDAP Authentication” checkbox.

I skipped the Account Suffix box. In the Base DN box, be aware that what you add here will appended to your username when it’s passed to the LDAP server. I entered ‘ou=users,dc=test,dc=com’ in that box, and now when I try to log in with the user name ‘Mike Smith’, this is what gets sent to LDAP: cn=Mike Smith,ou=users,dc=test,dc=com. It says not to enter your OU here, but I don’t see anywhere else to put it.

In the Domain Controllers box, enter the IP address or hostnames of your LDAP servers. Hit Save Settings.

Wordpress Simple LDAP Login Basic settings

WordPress Simple LDAP Login Basic settings

Advanced Settings

Open up the Advanced tab. Check the box that says User Creations. If you don’t check that box, your logins will fail even if LDAP authentication succeeds.

I changed the New User Role to Author since I trust all the users in my LDAP system.

I had to change the LDAP Login Attribute to cn, since this is what gets prepended to your username when it gets passed to LDAP. This seems to be the standard when using slapd.

Wordpress Simple LDAP Login Advanced settings

WordPress Simple LDAP Login Advanced settings

Done…?

At this point you should be able to log in using a user’s cn attribute, and that will create a new user account in WordPress. Your cn should be the user’s first name and last name.