[Plugin: Active Directory Integration] Single config for multisite

friendly bump

I would like to have this feature as well. The only way people can login successfully is to go to the root site and login, then they can access the sub-sites that they have access to.

I wound up hard-coding the LDAP connection info into lines 703-749 of the plugin as a hack/fix (commenting out the get_option and get_site option calls). This is obviously sub-optimal, but it seems to work.

Would love to have an official fix for this!

Yeah, I’m trying to hold out for an official fix. I really hope whoever is making this is still working on it. Outside of this one issue, this is a great plugin.

Sorry, was on vacation for a while. I’ll look into this.

glatze – great to see you back!

another helpful update to the plugin would be to change line 227 so that it uses

plugins_url('', __FILE__)

instead of

WP_PLUGIN_URL

The main reason for this is that WP_PLUGIN_URL does not use SSL even when the FORCE_SSL_ADMIN setting is true. For users with a secure backend (as it should be if we are typing in our AD credentials, right?) this causes IE to pop a “Load only content delivered securely?” on every admin page.

Thanks. Looking forward to an update that fixes this. This is a great plugin, and it will be perfect after this issue is fixed.

While waiting you could add some redirect-code to wp-login.php.

For my setup (sub-directory multisite, installed in web root) the following works just fine:

if ($_SERVER['REQUEST_URI'] != "/wp-login.php") {
        wp_redirect('https://'.$_SERVER['HTTP_HOST'].'/wp-login.php');
}

It is not optimal since the users must make a few extra clicks once inside…

I found a really handy (at least temporary) fix for this issue. There’s a plug-in called “YD Network-wide Options” (to find it in the Add New Plugin section of WordPress you have to search for “sitewide options”).

The interface for the “YD Network-wide Options” plug-in is pretty ugly and utilitarian, but it works. Just install and activate that plug-in, then go to its settings and check off all of the ad_ options so that they are propagated globally rather than on a per-blog basis.

Still, it would be great to see network-wide options built into the AD Integration plug-in, but the “YD Network-wide Options” solution seems to work for now.

I can’t quite get “YD Network-wide options” to work right in this setup. It definitely propagates the “AD_Integration_…” options to existing blogs when you click “Update Plugin Settings”. But when I create a new blog, AD logins fail in that blog. I have to click “Update Plugin Settings” again, and then logins succeed. Do you need this manual step too, or am I missing something?

I do have these checkboxes checked:

– Overwrite existing blog settings
– Automatically apply future changes to all blogs
– Spread options to new blogs

Hmm, now it’s working.

While studying the code for this plug-in, I discovered a much simpler (and probably less resource-hungry) way to accomplish this task.

The AD Integration plug-in was initially built with network-wide options in mind, but the methodology it uses to decide whether to use settings on individual sites or throughout the entire network was deprecated when WPMU merged with the WordPress core.

In this plug-in, the decision as to whether to use network-wide options or individual site options is determined by two things:
1) Does the global variable “$wpmu_version” exist?
or
2) Is the constant “IS_WPMU” defined and non-empty? (This constant is defined as ” within the plug-in if “$wpmu_version” doesn’t exist or is empty).

I’m not sure why the checks are inconsistent (some functions use the global $wpmu_version variable and others use the IS_WPMU constant).

Anyway, to make your options applicable site-wide, you need to simply create a small PHP file and place it in your mu-plugins folder. Then paste the following code into that file:

<?php
if( !defined( 'IS_WPMU' ) )
	define( 'IS_WPMU', true );

global $wpmu_version;
$wpmu_version = $GLOBALS['wp_version'];
?>

Then, when you “Network Activate” the AD Integration plug-in, you will no longer see the “Active Directory Integration” menu under “Settings” in the left sidebar, it will appear under “Super Admin” instead, and the settings will now apply throughout your entire network rather than being different for each individual site.

Be forewarned, though, that if there are other plug-ins using the deprecated $wpmu_version variable to try to determine whether this is a standard WordPress installation or a multi-site installation, this change might have an undesired effect on those plug-ins.

Also, in my particular installation, the styling for the options page for this plug-in doesn’t seem to be quite right (the links to the different “tabs” within the options page still work, but they’re just a vertical list of links rather than looking like tabs).

I’ve only just begun testing on this, but it seems to be working properly for me. In my case, I deactivated the plug-in entirely on my network (you’ll obviously have to make sure you have a non-AD Super Admin in order to move forward this way), I backed up my AD_Integration settings from each of my sites’ “options” tables, then deleted them. I then uploaded the file to mu-plugins, logged back in using my non-AD Super Admin account and Network Activated the AD plug-in. I then re-configured all of the settings for the plug-in, logged out and logged in to one of the sub-sites using my AD credentials. It worked.

Note that you have to create this mu-plugins folder at wp-content/mu-plugins.

See https://wpmututorials.com/plugins/basics/what-is-the-mu-plugins-folder/ for details.

Just spotted two minor issues:

1. When adding this mu-plugins thingie, you will have to redo all your ADI settings. The ADI module moves from Settings > Active Directory Integration to Super Admin > Active Directory Integration
2. When under Super Admin, the tabs don’t appear correctly. Instead, the tabs show just as vertically-stacked links at top left of the module settings.

My ADI plugin loses all its settings every time I network activate a module. Could it be related to the mini-module that Curtiss Grymala above recommended for the mu-plugins folder?