LDAP Integration

Overview

If your organization is storing user accounts in an LDAP directory (such as OpenLDAP or ActiveDirectory), you can give your users access to your Private Label site with virtually no setup. The steps below will walk you through the process. Email us at help@wikispaces.com if you run into any trouble or if you have any questions.

Before You Get Started

Whitelist Wikispaces

If your LDAP server is behind a firewall, you will need to whitelist the IP addresses 208.43.205.127 and 66.228.116.239.

About Usernames

We use three attributes to identify your users: The Unique User ID Attribute identifies your user definitively even if their other information changes (for example, if a user's username or email changes, as long as their unique user ID remains the same, they will still be able to log into their account, and their information will automatically be updated). The Login Attribute is the value that your users will enter when they log in. The Username Attribute will be used to display on the Wikispaces site as the user's username.

In some circumstances, you may want to use the same attributes for one or more of these fields. For example, if your users log in with a numeric student ID that will not change, it may make sense to use that attribute as both the unique user ID and the login attribute, and supply an attribute that holds the student's name as the username. Or it may be that your login attribute would also work perfectly well as a username, so it makes sense to use the same attribute in both fields.

The value you specify in the Username Attribute field will be used as the displayed username on your Wikispaces site. Since we don't allow special characters or spaces in usernames, if your usernames contain these characters, they will be replaced with an underscore. For example, if you have a user with the display name "John Smith", their username on Wikispaces will become "John_Smith".

What to Do

  1. Make sure you’re logged in as a site administrator.
  2. Go to Site Administration > Settings > Authentication.
  3. After Add New Authentication Source, select LDAP, then click the Add Authentication Source button.
  4. Fill out the form:
    • Name: How this authentication source will appear on the sign-in page for your users. Pick something that will be easy for your users to understand and recognize.
    • LDAP Server: The address of your server. This shouldn't contain "ldap://" or your port number.
    • Base DN: Base DN of the directory that holds your users.
    • Unique User ID Attribute: A unique ID that will allow us to keep track of your users, even if their usernames change. This value will not be visible on your Wikispaces site. If your LDAP schema does not have a separate unique ID attribute, you may set this to the same value as the login attribute.
    • Login Attribute: This is the value your users will enter when they log in. It will not be displayed or stored on your Wikispaces site.
    • Username Attribute: This is the value that will appear for your users on your Wikispaces site as their username. If your users' login attributes are acceptable as usernames, you may set this field to the same value as the login attribute. However, if you do not wish to use the login attribute as a username (for example, if your login attribute is a student ID number), you may choose a different username attribute to use instead.
    • Email Attribute: Usually "mail." This is the name of the attribute in your database that lists your users’ email addresses. (If your users do not have email addresses, please contact us at help@wikispaces.com.)
    • Encryption Type: SSL, TLS, or Clear.
    • Proxy User DN: If your LDAP server doesn’t allow anonymous connections, this is a qualified DN that will let us access your server. For security reasons, it's best to choose a user with read-only privileges. (This field is optional; if your LDAP server does allow anonymous connections, leave it blank.)
    • Proxy Password: Password of the proxy user you entered above.
  5. Hit the Save button.

Still have questions? Send us an email at help@wikispaces.com.