Active Directory Authentication Integration

FAQ

Can I use this plugin if I’m not running Multi Site?

You certainly can. This plugin should be fully compatible with a regular WordPress installation, a WordPress Multi Site installation and even a WordPress Multi Network installation.

Why am I able to login using AD on one site, but not another in a multisite installation?

This plugin will only affect sites on which it is activated. If you do not network-activate it in a multisite installation, you won’t be able to login using AD credentials on any of the sites on which it’s not activated. Likewise, if you are running a multi-network installation, the plugin will need to be network-activated on all of your networks (there is an option in the plugin once it’s activated on one network to activate it on all networks) in order for login to check the Active Directory on all networks.

Can I use this plugin for normal LDAP authentication?

I’m honestly not sure. As far as I know, this plugin is only compatible with Active Directory servers, but it’s possible it might work with other implementations of LDAP.

Why am I seeing a message about LDAP not being supported?

This plugin requires that LDAP support be compiled into PHP in order to work properly. If you are seeing that error message, it means that the plugin detected that the PHP ldap_connect() function is not available.

Is it possible to use TLS with a self-signed certificate on the AD server?

Yes, this works. But you have to add the line TLS_REQCERT never to your ldap.conf on your web server. If you don’t already have one, create it. On Windows systems the path should be c:\openldap\sysconf\ldap.conf.

Can I use LDAPS instead of TLS?

Yes, you can. Just put ldaps:// in front of the server in the option labeled “Domain Controller” (e.g. ldaps://dc.domain.tld), enter 636 as port and deactivate the option “Use secure connection?”.

Why do I see “Should this set of options be updated for all of your networks?” at the top of each settings section?

That means that this plugin detected that you have either the WP Multi Network plugin or the Networks for WordPress plugin installed and activated. If you leave this checkbox ticked, any changes you make to that section of settings will be saved on all of the networks, rather than just being saved on the current network.

If you do not have either plugin installed and activated, you should not see this option. If you do, that is a bug and should be reported.

Why do I see the checkbox mentioned above on one network, but not another?

Again, that option will only appear on sites where the Multi Network or Networks for WordPress plugin is active. If you only have that plugin activated on a single site, this AD Authentication Integration plugin will have no way of knowing that you are running multiple networks.

How do I request new features or report a bug with this plugin?

Please either start a new topic in the official WordPress support forums or make a comment on the appropriate post within my plugins blog.

How do I enable debug information?

There are multiple levels of debug information within this plugin, all carried over from glatze’s plugin. To set the debug level, find the following line in the active-directory-authentication-integration.php file:
$ADAuthIntObj->setLogLevel(ADAI_LOG_NONE);
and change it to:
$ADAuthIntObj->setLogLevel(ADAI_LOG_DEBUG);
Other than “none” and “debug”, there are 5 other levels of debug information. ADAI_LOG_DEBUG is the highest level, meaning that all debug information output from this plugin will be displayed on-screen. ADAI_LOG_NONE is the lowest level, meaning that no information will be displayed on the screen. The levels of logging are (from highest to lowest):

• ADAI_LOG_DEBUG
• ADAI_LOG_INFO
• ADAI_LOG_NOTICE
• ADAI_LOG_WARN
• ADAI_LOG_ERROR
• ADAI_LOG_FATAL
• ADAI_LOG_NONE