On Fri, 2017-11-17 at 12:51 +1000, William Brown wrote: > On Thu, 2017-11-16 at 11:26 -0500, John Lewis wrote: > > I want to have one account for modifying both a LDAP directory and > > a > > Mediawiki. What tactic would you you use to do it? > > I'm not sure this is a tough issue: the access controls are seperate > in > these cases. > > On one hand from the LDAP directory management side, you only need > the > ACI/ACL's in place on the config/tree that would allow writes to > appropriate locations. There is plenty of docs on aci/acl placement > and > construction for this. > > From the mediawiki side, you can search users and use an ldap backend > to do password checks (binds) and then use groups to provide > authorization control as to "who" can access the wiki. > > I hope that helps you,
Is that configuration self serviceable, as in the user can request their own account with the permissions I deem them to have?
