We’ve set up a new blog for people to start playing with at work. As part of the set up I wanted to link back into the central authentication used for workstation login, etc… So the options were really kerberos, or radius. As the authority is an AD controller LDAP is not really considerable and getting php to work with kerberos or radius is a real hassle requiring extra modules to be compiled and loaded.
Don’t forget to apply the patch if you’re not using WordPress 1.5.1 yet. You will need to configure the mailbox url under options > imap authentication if you’re using anything but unsecured localhost access. The mailbox location is passed directly to php’s imap_open function, so you can use pop/imap/nntp in secure or non-secure mode, your choice.
The user suffix is only required if your server requires the @domain.com part of the email address when logging in, and you don’t want to add that as part of the user’s wordpress login name.
Side-note: I also secured wp-login and wp-admin/ to force access via https, thereby furthur increasing the security passwords used on the site.
Update: I’ve addded the plugin to the WordPress plugin repository.
Update #2: It seems that wordpress doesn’t like redirects in wp-admin, so I’ve had to disable the forced https for that folder. However I continue to use it for wp-login.