How to Install MediaWiki with MySQL and PHP and LDAP/AD extension

Assumptions:

System: Linux Debian with PHP and Apache web server already installed and running.

Install the following:

  1. apt-get install mysql-server
  2. apt-get install php5-mysql
  3. Download wiki https://www.mediawiki.org/wiki/Manual:Installation_guide
  4. Setup Apache site then a2ensmode Name to enable it.
  5. Setup database for wiki follow this https://www.mediawiki.org/wiki/Manual:Installing_MediaWiki

mysql -u root -p

CREATE DATABASE wikidb;
GRANT ALL PRIVILEGES ON wikidb.* TO 'wikiuser'@'localhost' IDENTIFIED BY 'password';

6. Restart apache.

service apache2 restart

If the Wiki is not showing mysql then you need to restart service.

7. Install LDAP support for php.

on ubuntu apt-get install php5-ldap

8. Restart apache – service apache2 restart

9. Download ldap extention from wiki

https://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Configuration_Options

then clik on the download the snapshot for the correct version then unpack

tar -xzf LdapAuthentication-REL1_28-770c89e.tar.gz -C /var/www/mediawiki/extensions

10. Run the updater php maintenance/update.php

If you get the following error then you need to run the update script again!

A database query error has occurred. This may indicate a bug in the software.[a6131d2bdeda3f290ca8cc67] 2017-02-15 11:28:39: Fatal exception of type “DBQueryError”

You need to have a ldap_domain table created in wiki database. You can run double check if it’s there by logging to mysql

mysql -p -u root

then show databases; use wikidb; show tables; you should see the ldap_domains

Once you setup ldap you will no longer be able to access the Admin account. Log first as a ldap/ad user then log in to mysql

mysql -p -u root

show databases;

use yourdatabase;

select * from user; (to get your user _id)

then run the following (2 is my user_id)

INSERT INTO user_groups (ug_user,ug_group) VALUES (2,”bureaucrat”);

Once completed log to wiki and you will have a full rights to it.

Once you LDAP setup is ready you may wan to change from clear to tls/ssl in the LocalSettings.php section.

To get ssl/tls working you need to trust the certification from your active directory.

  1. Get a Certification

openssl s_client -connect yourdomaincontroller-dc1:636

copy all section from ——-BEGIN to END —- Certficate

Install ldap-utils

apt-get install ldap-utils

Open up vim /etc/ldap/ldap.conf

then look for entry

TLS_CACERT /etc/ssl/certs/ca-certificates.crt

open up vim /etc/ssl/certs/ca-certificates.crt and paste your Certificate to the end.

I have found that this works only temporary until you run update-ca-certificates.

To get this permamment.

create a local file with certificates e.g local-ca.crt then copy it to /usr/local/share/ca-certificates and run update-ca-certificates.

Restart apache service apache2 restart

It should be working now.

If you have the following error  DatabaseBase::factory no viable database extension found for type ‘mysql’ then you need to install apt-get install php5-mysql and service apache2 restart.

How to check powershell errors when running powershell from task scheduler

You can use the following method.

Add this to your powershell script in various places

“Start!” | Out-File c:\mylog.txt

then use try/catch method to catch the errors

#Get data from database and export to file
try{

“SQL Starts” | Out-File c:\mylog.txt

YOUR CODE HERE
} catch [Exception]
{
“Error: {0}” -f $_.Exception.Message | Out-File c:\mylog.txt
$error | Out-File c:\mylog.txt
}

“End” | Out-File c:\mylog.txt

then check your error log file for issue.

 

It happens that the script wasn’t always working and after getting it sorted I have found this

Error: The term ‘Invoke-SqlCmd’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Invoke-SqlCmd : The term ‘Invoke-SqlCmd’ is not recognized as the name of a cmdlet, function, script file, or operable
program. Check the spelling of the name, or if a path was included, verify that the path is

To fix the problem i had to add the following to the begining of the script

# Import the SQL Server Module.
Import-Module Sqlps -DisableNameChecking;

This has fixed the problem.

 

 

 

 

 

 

 

How to redirect root directory in IIS to something else

Open up IIS install Rewrite module

https://www.iis.net/downloads/microsoft/url-rewrite

then navigate to roo

Your site-> URL Rewrite -> Add new Inboud Blank Rule (This ideally should be first in the top level) then

Requested URL -> Matches the Patter

Using -> Regular Expression

Patter -> ^$

Action -> Action Type – > Redirect
Redirect URL -> Your Site to which you want redirect the root (This can be a sub folder)

Redirect Type (301) Permanent this means that the browser will keep the info and will no need to make a request next time to your server.

Tick  – Stop process other rules.

Enjoy!