=== Active Directory Authentication Integration ===
Contributors: cgrymala
Tags: active directory, ldap, login, authentication
Requires at least: 3.0
Tested up to: 3.1-RC3
Stable tag: 0.1a

Allows WordPress to authenticate, authorize, create and update users through Active Directory

== Description ==

This plugin allows WordPress to authenticate, authorize, create and update against an Active Directory domain. This plugin is based heavily on the [Active Directory Integration](http://wordpress.org/extend/plugins/active-directory-integration/) plugin, but has been modified to work with Multi Site and even [Multi Network](http://wordpress.org/extend/plugins/wp-multi-network/) installations of WordPress.

Some of the features included in this plugin are:

* authentice against more than one AD Server
* authorize users by Active Directory group memberships
* auto create and update users that can authenticate against AD
mapping of AD groups to WordPress roles
* use TLS (or LDAPS) for secure communication to AD Servers (recommended)
* use non standard port for communication to AD Servers
* protection against brute force attacks
* user and/or admin e-mail notification on failed login attempts
* determine WP display name from AD attributes (sAMAccountName, displayName, description, SN, CN, givenName or mail)
* enable/disable password changes for local (non AD) WP users
* WordPress 3.0/3.1 compatibility, including Multi Site and Multi Network

This plugin is based on [glatze's Active Directory Integration](http://wordpress.org/extend/plugins/active-directory-integration/) plugin, which is based upon [Jonathan Marc Bearak's Active Directory Authentication](http://wordpress.org/extend/plugins/active-directory-authentication/) plugin and [Scott Barnett's adLDAP](http://adldap.sourceforge.net/), a very useful PHP class.

Aside from the changes to make this plugin work more effectively with WordPress Multi Site, this version of the plugin also encrypts the password used to connect to the AD server when it is stored in the database.

This plugin was developed by [Curtiss Grymala](http://ten-321.com/) for the [University of Mary Washington](http://umw.edu/). It is licensed under the GPL2, which basically means you can take it, break it and change it any way you want, as long as the original credit and license information remains somewhere in the package.

== Important Notice ==

Since I don't currently have access to multiple AD servers, this plugin has only been tested on a single installation of WordPress with a single AD server. Therefore, it is entirely possible that there are major bugs.

At this time, I am seeking people to test the plugin, so please report any issues you encounter.

== Requirements ==

* This plugin requires WordPress. It might work with versions older than 3.0, but it has not been tested with those.

* This plugin also requires PHP5. Some attempt has been made to make it compatible with PHP4, but it has not been tested in that environment.

* This plugin requires LDAP support to be compiled into PHP. If the `ldap_connect()` function is not available, this plugin will output an error message and will not do anything.

== Installation ==

1. Download the latest ZIP file of this plugin
1. Unzip the file and upload the active-directory-authentication-integration directory to the wp-content/plugins/ folder on your Web server
1. Network Activate the plugin and adjust the settings
1. If you have [John James Jacoby's WP Multi Network plugin](http://wordpress.org/extend/plugins/wp-multi-network/) or [David Dean's Networks for WordPress](http://wordpress.org/extend/plugins/networks-for-wordpress/) installed and activated, you will then have the option to activate this plugin on all networks. Do so.
1. Adjust the settings

== Frequently Asked Questions ==

= Can I use this plugin if I'm not running Multi Site? =

You certainly can. This plugin should be fully compatible with a regular WordPress installation, a WordPress Multi Site installation and even a WordPress Multi Network installation.

= Can I use this plugin for normal LDAP authentication? =

I'm honestly not sure. As far as I know, this plugin is only compatible with Active Directory servers, but it's possible it might work with other implementations of LDAP.

= Why am I seeing a message about LDAP not being supported? =

This plugin requires that LDAP support be compiled into PHP in order to work properly. If you are seeing that error message, it means that the plugin detected that the PHP `ldap_connect()` function is not available.

= Is it possible to use TLS with a self-signed certificate on the AD server? =

Yes, this works. But you have to add the line `TLS_REQCERT` never to your ldap.conf on your web server. If you don't already have one, create it. On Windows systems the path should be `c:\openldap\sysconf\ldap.conf`.

= Can I use LDAPS instead of TLS? =

Yes, you can. Just put `ldaps://` in front of the server in the option labeled "Domain Controller" (e.g. `ldaps://dc.domain.tld`), enter 636 as port and deactivate the option "Use secure connection?".

= Why do I see "Should this set of options be updated for all of your networks?" at the top of each settings section? =

That means that this plugin detected that you have either the WP Multi Network plugin or the Networks for WordPress plugin installed and activated. If you leave this checkbox ticked, any changes you make to that section of settings will be saved on all of the networks, rather than just being saved on the current network.

If you do not have either plugin installed and activated, you should not see this option. If you do, that is a bug and should be reported.

= Why do I see the checkbox mentioned above on one network, but not another? =

Again, that option will only appear on sites where the Multi Network or Networks for WordPress plugin is active. If you only have that plugin activated on a single site, this AD Authentication Integration plugin will have no way of knowing that you are running multiple networks.

= How do I request new features or report a bug with this plugin? =

Please either start a new topic in the official WordPress support forums or make a comment on the appropriate post within [my plugins blog](http://plugins.ten-321.com/active-directory-authentication-integration/).

== Changelog ==

= 0.1 =
* This is the first version