[Plugin: Active Directory Integration] Single config for multisite

I attempted Curtiss Grymala’s hack and got locked out wordpress alltogether. I had to undo the change…

I think you got locked out because the Active Directory Integration module lost all its settings. See what I’m reporting in prior posts here.

Try this–log in and be sure to select Remember Me. Now add Curtiss’s plugin. Now navigate back to the Active Directory Settings module’s settings. Did all your settings disappear? If so, fill them back in.

OK, followed again with your added suggestion.
Filled in all the ADI info again and when I tested an account I got this:
404 – File or directory not found.
The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.
I just can’t do it this way it seems…

Actually, it does work…

This thread has been quiet for a while, but I thought I’d post some tweaks to the AD Integration plugin that get multisite working (semi) properly. Taking a cue from Curtiss, I went in and actually changed every call in the plugin that was looking for a deprecated variable or using a deprecated function, as well as fixed a few bugs with the coding of the plugin itself. For anyone trying to use this plugin with a multisite WordPress install, here are the necessary changes:

In file /active-directory-integration/ad-integration.php:

In public function _construct():

• Remove globals $wpmu_version and $wpmuBaseTablePrefix – both are deprecated.
• Remove first check for if IS_WPMU defined entirely.
• Replace the add_action(‘admin_menu’… line with the following statement:
  if (function_exists(‘is_network_admin’)) {
  add_action(‘network_admin_menu’, array(&$this, ‘add_options_page’));
  } else {
  add_action(‘admin_menu’, array(&$this, ‘add_options_page’));
  }

In public function initialize_options():

• Replace if (IS_WPMU) { with if (is_multisite()) {
• Replace if (is_site_admin()) { with if (is_super_admin()) {

In public function add_options_page():

• Replace if (IS_WPMU && is_site_admin()) { with if (is_multisite() && is_super_admin()) {
• Replace the add_submenu_page(… line with add_submenu_page(‘settings.php’, __(‘Active Directory Integration’), __(‘Active Directory Integration’), ‘manage_options’, __FILE__, array(&$this, ‘_display_options_page’));
• Replace the final if (!IS_WPMU) { with if (!is_multisite()) {

In public function authenticate($arg1 = NULL, $arg2 = NULL, $arg3 = NULL):

• Remove global $wpmu_version and the check for IS_WPMU directly below it.
• Replace all instances of $version with $wp_version.

In public function sanitize_syncback_global_user_pwd($pwd):

• Replace if (IS_WPMU) { with if (is_multisite()) {

In public function sanitize_bulkimport_user_pwd($pwd):

• Replace if (IS_WPMU) { with if (is_multisite()) {

In public static function global_db_prefix():

• Remove globals $wpmu_version and $wpmuBaseTablePrefix
• Replace if ($wpmu_version != ”) { with if (is_multisite()) {
• Replace return $wpmuBaseTablePrefix; with return $wpdb->base_prefix;

In public static function activate()

• Remove global $wpmu_version
• Replace all four instances of if (isset($wpmu_version) && $wpmu_version != ”) { with if (is_multisite()) {

In public static function deactivate():

• Replace if (isset($wpmu_version) && $wpmu_version != ”) { with if (is_multisite()) {

In protected function _save_wpmu_options($arrPost):

• Replace if (IS_WPMU) { with if (is_multisite()) {
• Below the two lines mentioning ‘AD_Integration_use_tls’, add the following two lines: if ( !empty( $arrPost[‘AD_Integration_network_timeout’] ) )
  update_site_option(‘AD_Integration_network_timeout’, (int)$arrPost[‘AD_Integration_network_timeout’]);

In protected function _generate_authcode():

• Replace if (IS_WPMU) { with if (is_multisite()) {

In file /active-directory-integration/admin.php:

In php tag:

• Replace if (IS_WPMU) { with if (is_multisite()) {
• Replace if (!is_site_admin()) { with if (!is_super_admin()) {
• Replace if (IS_WPMU && $_POST[‘action’] == ‘update’) { with if (is_multisite() && $_POST[‘action’] == ‘update’) {
• Replace the final instance of if (IS_WPMU) { with if (is_multisite()) {

Further down in the same file, look for many instances of (!IS_WPMU)echo, replacing each with (!is_multisite())echo.

Some important notes:

1. The plugin folder itself needs to be placed in your mu-plugins directory within wp-content. If this folder does not currently exist, create it. Within the active-directory-integration folder, look for a folder named ‘mu’. Inside is a little file labeled ‘ad-integration-loader.php’. This file needs to be moved to the mu-plugins directory.
2. The above code tweaks move the settings menu from the Site Admin settings menu over to the Network Admin settings menu. Unlike other tweaks mentioned here, the various settings tabs will display properly, however the ‘Test Tool’ button will be gone, and that feature will be at the bottom of all of the tab pages.
3. You’ll need to re-add the AD settings after making the above changes.. the new data is stored in an entirely different database table.
4. When you save settings, it will jump you back to the first settings page, and you won’t get any notice that the settings were saved. They should save properly, however.
5. Two features of the plugin are entirely broken in multisite: the Test Tool and the Bulk User Import. These are not due to the tweaks made above, but seem to be unfinished parts of the plugin coding itself. There are a few places in the .php files related to those two features that contain deprecated calls as well that can be fixed, however the features will not work regardless. I’d love to see those fixed, however..
6. Finally, while the above changes worked for my Multi-subdirectory WordPress install, I don’t guarantee it will work for anyone else. I’m not a WordPress programmer, although I know HTML and PHP reasonably well. I’d love to see this plugin get an official update, too!

Just a quick addition to the previous post about modifying the Active Directory Integration plugin for multisite use.. there is one other critical change that must be made along with the above:

Look for this section in the ad-integration.php file:

if (function_exists(‘register_uninstall_hook’)) {
register_uninstall_hook(__FILE__, ‘ADIntegrationPlugin::uninstall’);
}

Comment that out. I don’t understand why a plugin installed in the mu-plugins folder should ever be receiving an uninstall hook, but with that code enabled every few hours the plugin will lose all of its settings, locking everyone except the ID 1 user out. I’ve also on one occasion had the plugin somehow change the ID 1 (administrator) account password, something it should not be able to do. If anyone happens to have this happen, you don’t have to delete the whole plugin in order to get back in.. just comment out the following three lines in your ad-integration.php:

add_action(‘lost_password’, array(&$this, ‘disable_function’));
add_action(‘retrieve_password’, array(&$this, ‘disable_function’));
add_action(‘password_reset’, array(&$this, ‘disable_function’));

That will let you request a new password for your administrator account.

I was hoping that would work for me, but the site wouldn’t load once I made all these changes (just a blank screen).

I was thinking of attempting a bit of a hybrid of two methods mentioned here: the mu-plugin php script the confirms WPMU suggested by Curtiss, but I assume it being posted 8 months ago it’s probably not compatible with the 3.1 Network Admin menu. I’m wondering if I change the first admin_menu mentioned in In file /active-directory-integration/ad-integration.php:

In public function _construct(): to network_admin_menu if that would be enough to fix it.

I hate screwing around with this as the site is live and AD users are currently content to return to the main domain to login when faced with a subdomain login fail (although it is clunky and confusing).

Would the redirect in wp-login.php suggested by kristianjohansen:

if ($_SERVER['REQUEST_URI'] != "/wp-login.php") {
        wp_redirect('https://'.$_SERVER['HTTP_HOST'].'/wp-login.php');
}

need to be changed at all to work on a subdomain setup?

@mrjarbenne,

Hmm.. that sounds like you have a PHP bug somewhere. If PHP decides that it can’t process the code of a file, it still sends a blank file. It’s usually a parentheses out of place or a missing semicolon. ??

The method you propose will probably work, with one modification that I can think of.. the $wpmuBaseTablePrefix variable. That one doesn’t get assigned in Curtiss’ modification, and it’s deprecated with no automatic redirect to a new variable. Just look through the code above for where to switch that with $wpdb->base_prefix;

Oh.. you’ll also need to add the network_timeout section from the protected function _save_wpmu_options($arrPost). Otherwise, the database won’t store the setting for AD Network Timeout, and it will always reset to zero (which the plugin can’t handle).