Category | Application |
Active Installs | 68 |
Rating | |
License | GNU Lesser General Public License 2.1 |
Sources | Issues |
Active Directory application represents one of the many User Authentication mechanisms available in XWiki and it uses the information from an Active Directory server.
A connection needs to be set between XWiki and Active Directory in order to synchronize their users and groups. Active Directory users will be able to authenticate in XWiki and a dedicated XWiki user will be created at the first login.
In order to use this application, follow the Installation guide and then configure it from the Wiki Administration
The following image is an overview of the Active Directory application. To find out more about how to use and configure the application please read the Documentation.
Connection settings
The Check connection button helps to check in real time that the authentication credentials are correct.
Field | Description | Default | |
---|---|---|---|
Active Directory server address | The address (IP or domain name) of the server to connect to. For example, 127.0.0.1 would be used for a server that is located on the same machine where XWiki is installed. | 127.0.0.1 | |
Active Directory server port | The port to connect to. For example, 389 would be used if the server is running on the standard LDAP port. | 389 | |
Active Directory user dn | The bind login (user distinguish name) to connect to the server with. This can be left empty for anonymous access to the server. If the server is not configured to accept anonymous access, then the full DN of a user with proper access rights must be provided. For example, cn=admin,dc=example,dc=com is how a user DN should look. | N/A | |
Active Directory password | This can be left empty for anonymous access to the server. This is the password for the previous defined Active Directory User DN and should be used together. | N/A |
Configuration
The Active Directory application comes with a set of default values configured, so the user only needs to specify the Base DN and the setup is done.
Field | Description | Default | |
---|---|---|---|
Active Directory Base DN | The Base DN is the root of the tree containing the users and where the server performs the search. E.g. dc=example,dc=com. | N/A |
Advanced
In order to provide a custom configuration to the application, click on Show Advanced Configuration and start exploring all the available options.
Field | Description | Default |
---|---|---|
Enable the Active Directory authentication | Enable the Active Directory authentication for this wiki, otherwise only XWiki authentication will work. If enabled and configured properly, an XWiki user will be created whenever an Active Directory user visits the wiki for the first time. | Yes |
Enable the XWiki authentication | Enable the XWiki authentication for this wiki, as a fallback solution. Without this setting you will be unable to log into XWiki with local accounts. Also, if Active Directory authentication fails for any reason, the XWiki DB authentication will be tried with the same credentials. | Yes |
Active Directory UID attribute name | Specifies the Active Directory attribute containing the identifier to be used as the XWiki user name. | sAMAccountName |
Active Directory user fields mapping | Set a link between an XWiki user property that needs to store the data from an Active Directory user field. For example, first_name->givenName (first_name belongs to XWiki.XWikiUsers class and givenName to Active Directory user profile) | last_name=sn,first_name=givenName, email=mail,company=company, comment=comment,phone=mobile |
Active Directory groups mapping | Set a link between an XWiki group that needs to store, as members, ther users belonging to an Active Directory group. For example, XWiki.XWikiAdminGroup->cn=marketing,ou=groups,dc=example. By default, all the users are added into XWiki.XWikiAllGroup. | N/A |
Field | Description | Default |
---|---|---|
Allow Active Directory authentication only to certain group | This field can be used to provide authentication rights only to the members of an Active Directory group. If this is empty, no restriction will be applied and all the users from the Base DN will be able to authenticate. To configure use the full DN of the group: cn=developers,ou=groups,o=XWiki,c=FR. | N/A |
Forbid Active Directory authentication to certain group | This field can be used to deny authentication rights to the members of an Active Directory group. The users that are members of the following group can't authenticate. To configure use the full DN of the group: cn=designers,ou=groups,o=XWiki,c=FR./ | N/A |
Update user from Active Directory after login | If this property is enabled, the XWiki user data will be updated from Active Directory on every login of the user, otherwise the mapping will be done only once, when the user is created. | Yes |
Update user photo from Active Directory | If this property is enabled, the XWiki avatar will be updated from Active Directory on every login of the user, otherwise the photo will not be updated. | No |
Active Directory groups cache expiration | Time in seconds after which the list of members in a group is refreshed from Active Directory. | 21600 (6 hours) |
When to synchronize the Active Directory groups | The groups will be synchronized by default on every authentication of a user. For example, if an Active Directory user is moved to a different group, at the next login it will be moved in XWiki in the right group. | At each authentication of a user |
Installation Steps
This paid extensions requires XWiki 11.10 or above. In order to install the extension, follow the next steps inside your XWiki instance (on cloud or on premise).
Navigate to the Extension Manager
In the Applications Panel click on "More Applications..." and then "Install new applications...". Alternatively navigate directly to the Administration and select the "Extensions" section.
Install the Extension
Search for the extension you wish to install and use the Install button to install it.
Get a License
Navigate to the "Licenses" section of the Administration, fill your details, look for the extension you just installed in the live table and click the buttons to get a trial license or to buy a license.
Install the License
If you have selected a trial license then you're good and there's nothing else to do. Your trial license is automatically installed.
However if you've selected to buy a license you'll be redirected to a page to perform the payment. At the end you need to come back to the "Licenses" administration section and click on the "Check for Updates" button. This will download and apply the license you bought.
Use the Extension
Start using the Extension! Refer to the extension's documentation to know how to use it.
Installing Paid Apps on Subwikis
If you want to install an application on the whole farm (main wiki + subwikis), you can do so directly from the main wiki’s Extension Manager, as seen below:
Extensions can also be installed only on a particular subwiki by global admins. Subwiki admins will not be able to install these extensions due to their limited rights.
Installing in subwikis
Each (sub)wiki can have its own UI for configuring LDAP and thus it's possible to have different settings per wiki. The only restriction is that the Active Directory application must be installed first in the main wiki before it can be installed in other subwikis.
Options
The price is per year and varies depending on the support level and the number of users.
Support / Users | 10 | 25 | 50 | 100 | 250 | 500 | 1000 | 2500 | 5000 | 10000 | 20000 |
---|---|---|---|---|---|---|---|---|---|---|---|
Silver |
Benefits
What do you get when you purchase an XWiki extension?
1 year license
By purchasing an XWiki extension license, you'll benefit from it during one year.
Free updates
You benefit from all the extension updates during one year. You are always up to date.
Support included
If you are facing an issue, you can reach the XWiki support. Our team is always available to help.
How to Buy
To buy, install this extension from inside your XWiki instance and follow the instructions.
Release notes
v1.6.3
Update the Licensing dependency to version 1.14.1.
v1.6.2
Update the Licensing dependency to version 1.13.9.
Update the LDAP Application dependency to version 9.4.
v1.6.1
Update the LDAP Application dependency to version 9.3.7.
v1.6
Bugs fixed:
#6 Success message misspelled.
#7 Connection error is not expandable.
#12 The resetGroupCache() method is never called.
Improvements:
#8 Use the full content to display the configuration.
#9 Store the default configuration values when the configuration document is created.
#10 Improve documentation in the administration section.
#11 Remove the '- - -' value from the Boolean properties.
v1.5.9
Update the Licensing dependency to version 1.13.8.
Update the LDAP Application dependency to version 9.3.6.
v1.5.8
Update the Licensing dependency to version 1.13.4.
v1.5.7
Update the Licensing dependency to version 1.13.3.
Update the LDAP Application dependency to version 9.3.5.
v1.5.6
Update the Licensing dependency to version 1.13.2.
Update the LDAP Application dependency to version 9.3.2.
v1.5.5
Bugs fixed:
#4 Password field can't be filled in.
Update the Licensing dependency to version 1.13.1.
Update the LDAP Application dependency to version 9.2.6.
v1.5.4
Update the Licensing dependency to version 1.13.
v1.5.3
Update the Licensing dependency to version 1.12.2.
v1.5.2
Update the Licensing dependency to version 1.12.1.
v1.5.1
Update the Licensing dependency to version 1.11.
v1.5
Bug fixed: Active Directory's connection parameters are not properly escaped.
Update the Licensing dependency to version 1.8.
Improve the way the message about no valid license is displayed.
v1.4
Update the Licensing dependency to version 1.7.
v1.3
Update the Licensing dependency to version 1.6.
v1.2.6
Update the Licensing dependency to version 1.5.4.
Update the parent version to 8.5.
Update the LDAP Application dependency to version 9.2.5.
v1.2.5
Update the Licensing dependency to version 1.4.4.
v1.2.4
Update the Licensing dependency to version 1.4.3.
v1.2.3
Update the Licensing dependency to version 1.4.2.
v1.2.2
Update the Licensing dependency to version 1.4.1.
Update the LDAP Application dependency to version 9.2.4.
v1.2.1
Update the Licensing dependency to version 1.4.
v1.2
Update the LDAP Application dependency to version 9.2.
Update the Licensing dependency to version 1.2.
Provide default values for existing properties.
Mark in the UI the default values that will be used.
Set the sAMAccountName as default uid attribute name.
Map by default all the AD attributes that are matching an XWiki user property.
Simplify the UI by splitting the Configuration into simple and advanced.
The following translations have been updated:
v1.1
Initial paid version.
Introduced the Check connection button for live validation of authentication credentials.
Enable the AD Authenticator automatically and without editing xwiki.cfg.
Enable local users by default when AD is active.
Extension details
License
- GNU Lesser General Public License 2.1
Sources
Issues
Type
- xar
Developed by
Compatibility
- Requires XWiki 8.4 or above.
Dependencies
- org.xwiki.rendering:xwiki-rendering-macro-message 8.4
- org.xwiki.platform:xwiki-platform-rendering-macro-include 8.4
- org.xwiki.platform:xwiki-platform-rendering-macro-velocity 8.4
- org.xwiki.contrib.ldap:ldap-api 9.4
- com.xwiki.activedirectory:application-activedirectory-api 1.6.5
- com.xwiki.licensing:application-licensing-licensor-api 1.14.4
- org.xwiki.rendering:xwiki-rendering-macro-html 8.4