lady_minx

Created this and put it in my child theme’s functions.php file. Let me know if there are any improvements that can be made to it / if it’s going to cause any issues?

function modify_admin_url_defaults($url, $path, $blog_id, $scheme) {
$internal_domain = ‘lm.a.state.gov’; // Replace with your Internal domain
$host = ‘proxydomain.net’; // Replace with your Proxy domain
if (isset($_SERVER[‘HTTP_X_MS_PROXY’]) && ($_SERVER[‘HTTP_X_MS_PROXY’] == ‘AzureAD-Application-Proxy’)) {
return str_replace($internal_domain, $host, $url);
} else {
return $url;
}
}

add_filter( “admin_url”, “modify_admin_url_defaults”, 10, 4 );

I was able to _temporarily_ get this to work by modding core. Can someone tell me how I can do this in the theme functions.php instead?

/wp-includes/link-template.php

//function admin_url( $path = ”, $scheme = ‘admin’ ) {
//???????????? return get_admin_url( null, $path, $scheme );
function admin_url( $path = ”, $scheme = ‘admin’ )
if (isset($_SERVER[‘HTTP_X_MS_PROXY’]) && ($_SERVER[‘HTTP_X_MS_PROXY’] == ‘AzureAD-Application-Proxy’)) {
return str_replace(‘internaldomain’, ‘proxydomain’, get_admin_url( null, $path, $scheme )); }
else {
return get_admin_url( null, $path, $scheme );}
}

Great, thanks!

WordPress 6.4.2 and Chrome Version 120.0.6099.225 (Official Build) (64-bit)
Just tried in Edge Version 120.0.2210.144 (Official build) (64-bit), same problem

• This reply was modified 9 months ago by lady_minx.

Okay thanks for the response. It’s just a suggestion for a future feature then.

Yes, I saved after reordering. Then I to save after each individual movement too, neither worked.

Nevermind, I found the save_form_content=”0″ setting.

I had to manually change the order in the database. Please fix this in new release.

Oops, I resolved the wrong one, this question is still open!

It isn’t letting me configure the Netbios name in NADI. When I looked that up it says it should be detecting it automatically now?

Hmm, okay I manually modified the REMOTE_USER variable and it still didn’t work. It looks like the plugin isn’t filling in / sending the sAMAccountName or userPrincipalName when trying to login via SSO, but it does if I type in the login and password.

I guess I’m stuck. I don’t know what/if I’m missing a configuration setting or if something needs to be done on the AD side of the house to get this to work?

I have also tried mod_authnz_sspi with the exact same results.

Actually, the site is an intranet site. After upgrading wordpress from 4.7.1 to 4.7.2 today, the problem went away (I’ve no idea why ?? )

Well, this was my solution. It’s not perfect, since it still allows all users to do a “forgot password” and change password on their profile, but a saml login will reset the password the next time the user logs properly via sso anyway.

I created two different login links which I put as buttons on my blogs:

SSOLogin:  https://mysite.com/wp-login.php?saml=yes&redirect_to=/
Wordpress Login: https://mysite.com/wp-login.php?redirect_to=%2F

Then I modified the plugin:

if (!empty($_GET['saml']) && $_GET['saml'] == 'yes') {
  add_filter('authenticate', array('SimpleSAMLAuthenticator', 'authenticate'), 10, 2);
  add_action('wp_logout', array('SimpleSAMLAuthenticator', 'logout'));
 add_action('wp_logout',create_function('','wp_redirect(home_url());exit();'));
} else {
  remove_all_filters('authenticate');
  add_filter('authenticate', 'wp_authenticate_username_password', 10, 3);
}
//add_action('lost_password', array('SimpleSAMLAuthenticator', 'disable_function'));
//add_action('retrieve_password', array('SimpleSAMLAuthenticator', 'disable_function'));
//add_action('password_reset',array('SimpleSAMLAuthenticator', 'disable_function'));
//add_filter('show_password_fields', array('SimpleSAMLAuthenticator', 'show_password_fields'));

Here it is:
if (strtolower($username) != substr(sanitize_user(strtolower($username), TRUE), 0, 60)) {