WordPress.org

Ready to get started?Download WordPress

Forums

Active Directory Integration
is auto authentication still on the horizon? (7 posts)

  1. slackgeek
    Member
    Posted 2 years ago #

    I installed the plugin and it's working great. I was looking into auto authentication based on being logged into Windows. My server is W2K8 R2 running IIS7 and I have full control and access to it. I saw this post:

    http://wordpress.org/support/topic/plugin-active-directory-integration-automated-login-from-windows-credentials

    And tried the suggestion at the bottom, but it doesn't seem to work. Users are created if they go to the wp-admin page and type in their credentials, which is great, but we have A LOT of users that will be accessing this page and it'd be awesome to not have to direct them there in order for their account to be created.

    Or possibly, does anyone know if I can get the functions.php workaround going? Is there perhaps something I need to enable or configure on my server?

    http://wordpress.org/extend/plugins/active-directory-integration/

  2. alexnolan
    Member
    Posted 2 years ago #

    What authentication method have you got set in IIS? The auto_login() function probably expects Integrated Windows Authentication only, might not work if you have anonymous enabled. It also seems to need 2 page refreshes to actually display the user as logged in, and of course there is no way to ever log out!

    I've also used the IIS Authentication Plugin occasionally to add some extra methods, seems to work ok but compatibility problems with Dynamic Widgets & Buddypress.

    https://www.iis.net/community/default.aspx?tabid=34&g=6&i=1500

    I'd still like to see proper automatic AD authentication. The hack remains an unsatisfactory workaround in my book!

  3. alexnolan
    Member
    Posted 2 years ago #

    Also, just noticed, here's the ticket for auto-authentication on the developer's bug tracker. Some useful comments on there.

    http://bt.steindorff.de/view.php?id=3

    One thing to note is that get_userdatabylogin($user_login) is now depreciated, so change that bit of the code for get_user_by('login', $user_login). New auto_login() function should look like this:

    function auto_login() {
    	if (!is_user_logged_in() && isset($_SERVER['LOGON_USER'])) {
    		$user_login = substr($_SERVER['LOGON_USER'], strrpos($_SERVER['LOGON_USER'],'\\')+1, strlen($_SERVER['LOGON_USER'])-strrpos($_SERVER['LOGON_USER'],'\\'));
    		$user = get_user_by('login', $user_login);
    		$user_id = $user->ID;
    		wp_set_current_user($user_id, $user_login);
    		wp_set_auth_cookie($user_id);
    		do_action('wp_login', $user_login);
        }
    }
    add_action('init', 'auto_login');
  4. slackgeek
    Member
    Posted 2 years ago #

    I finally got around to trying this and it totally worked.

    Using the modified code without the depreciated function, and fiddling with my IIS7 authentication setting solved the problem.

    I did not notice the 2 refreshes - it seems to work perfectly when I first load the page. I tested it as a few different users.

    Also, I don't want users to be able to log out, so as long as there's no hiccups, it's perfect.

    Thank you!

  5. slackgeek
    Member
    Posted 2 years ago #

    Ahhhh man - I spoke too soon.

    While it DOES work, it only works when the user has already been created within WordPress. So, the user would still have to visit wp-admin, and login with their AD credentials once, in order for the account to be created within WordPress, and then once the account was created, the desired behavior (of always automatically logging you into WordPress) is achieved.

  6. tallmanbrown
    Member
    Posted 1 year ago #

    I tried (unsuccessfully) to modify the code in my ad-integration.php as suggested at http://bt.steindorff.de/view.php?id=3, but also with alexnolan's code modification above.

    It simply killed my SSL authentication altogether. (For what it's worth, my deployment is on a redundant 4-server web-farm running WinServer 2008 R2 and IIS7.5 with Windows Authentication.) Should I have disabled Anonymous Authentication when trying this? Is that why it didn't work?

  7. camdizzle
    Member
    Posted 1 year ago #

    RealDolmen - IIS Authentication Plugin

    Look up that plugin. I use it on my IIS envrio and it works AMAZINGLY.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.