If your organization is storing user accounts in an LDAP directory ( such as OpenLDAP or Active Directory), you can give your users access to your Private Label site with virtually no setup. The steps below will walk you through the process. Email us at firstname.lastname@example.org if you run into any trouble or if you have any questions.
Before you Get Started
If your LDAP server is behind a firewall, you will need to whitelist the following IP addresses:
We use three attributes to identify your users: The Unique User ID Attribute identifies your user definitively even if their other information changes ( for example, if a user's name or email changes, as long as their unique user ID remains the same, they will be able to log into their account, and their information will automatically be updated). The Loging Attribute is the value that your users will enter when they log in. The Username Attribute will be used to display on the Wikispaces site as the user's username.
In some circumstance, you may want use the same attributes for one or more of these fields. For example, if your users log in with the numeric student ID that will not change, it may make sense to use that attribute as both the unique user ID and the login attribute, supply an attribute that holds the student's name as the username. Or it may be that your login attribute would also work perfectly well as a username, so it makes sense to yse the same attribute in both fields.
The value you specify in the Username Attribute field will be used as the displayed username on your Wikispaces site. Since we don't allow special characters or spaces in usernames, if your usernames contain these characters, they will be replaced with and underscore. For example, if you have a user with the display name "John Smith", their username on Wikispaces will become "John_Smith".
What to Do
1. Make sure you are logged in as a site administrator.
2. Go to Site Administrator>Settings>Authentication.
3. After Add New Authentication Source, select LDAP, then click the Add Authetication Source button.
4. Fill out the form:
- Name: How this authentication source will appear on the sign-in page for your users. Pick something that will be easy for your users to understand and recognize.
- LDAP Sever: The address of your server. This shouldn't contain "Idap://" or your port number.
- Base DN: Base DN of the directory thay holds your users.
- Unique User ID Attribute: A unique ID that will allow us to keep track of your users, even if their usernames change. This value will not be visible on your Wikispaces site. If your LDA schema does not have a separate unique ID attribute, you may be set this to the same value as the login attribute.
- Loing Attribute: This is the value your users will enter when they log in. It will not be displayed or stored on your Wikispaces site.
- Username Attribute: This is the value that will appear for your users on your Wikispaces site as their username. If your user's login attributes are acceptable as usernames, you may set this field to the same value as the login attribute. However, if you do not wish to use the login attribute as a username ( for example, if your login attribute is a student ID number), you may choose a different username attribute to use instead.
- Email Attribute: Usually "mail". This is the name of the attribute in your database that lists your user's email addresses. ( If your users do not have email addresses, please contact us at email@example.com).
- Encryption type: SSL, TLS, or Clear.
- Proxy User DN: IF your LDAP server doesn't allow any anonymous connections, this is a qualified DN that will let us access your server. For security reasons, it's best to choose a user with read-only privileges. ( This field is optional; if your LPAD server does allow anonymous connections, leave it blank).
- Proxy Password: Password of the proxy user you entered above.
Still have questions? Send us an email at firstname.lastname@example.org