How to Add WordPress LDAP Authentication Using a Plugin
Last Updated July 17, 2023
LDAP, or lightweight directory access protocol, was developed to make it easier for applications to gather user information. Essentially, LDAP is an application protocol that lets you store things like usernames, passwords, and email addresses. Typically, this information is then used for things like authenticating users on websites or apps. There are other applications as well but for today we’re mainly focused on authentication and user management. Why? Because you can actually integrate LDAP into a WordPress website. It’s easy to do thanks to the developer community that has made and released several high-quality WordPress LDAP plugins. We’re going to look at some of those plugins in detail in this post.
Popular WordPress Ldap Plugins
Each of the WordPress LDAP plugins on our list is available at WordPress.org. You can download the plugin file from the site’s repository free of charge and manually upload it to your installation. Or, if you would prefer an easier way, simply install and activate them from the Plugins screen in the WordPress admin.
We have summarized the basic features of each plugin to give you a quick overview of what they can do. Normally, in posts like this, we discuss the premium version of plugins as well. Unusually, none of these plugins offer pro versions that we thought were truly worth discussing. You can get almost everything you could need to integrate LDAP into your WordPress website with these free plugins.
Let’s get started.
authLdap
authLdap is a WordPress plugin developed to let you use your existing LDAP as the authentication source for your WordPress site. This particular plugin sets itself apart because it is not dependent on any single LDAP backend. You get to decide, as the site owner, which LDAP authentication to use. authLdap uses the built-in WordPress user database so that there is a single source of user data always in sync. The extra benefit of this, over just keeping your life simpler, is if you disable LDAP the user entries still exist and are viable for logging in to your WordPress installation.
Plugin Details
This piece of software was originally published by its owner in August of 2010. It is currently on version 2.6.4 and last underwent a revision on October 11th, 2024. The latest version operates on WordPress 6.6.0 and requires at least PHP 7.4 to work on your server. This plugin is now working on over 5,000 WordPress sites. It has had over 102,000 downloads. There have not been many assistance requests from customers. Reviews for this plugin are very positive. Many of the users who left a piece of feedback found authLdap to be excellent.
Active Directory Integration / LDAP Integration Login for Intranet Sites
Active Directory Integration / LDAP Integration Login for Intranet Sites (quite the mouthful) provides an alternate solution for users to log in to your WordPress site. You can use Active Directory or LDAP, as the plugin name implies, to map attributes to your WordPress user accounts and roles. The plugin also comes with some reporting so you can monitor things like unsuccessful authentication requests. It works with JumpCloud, Synology, OpenDS, and other options as well.
Plugin Details
This product was initially released by its creator in August of 2015. It is now on version 5.2.0 and last saw an update on December 10th, 2024. The latest version runs on WordPress 6.7.1 and requires at least PHP 5.2.0 to operate on your server. This plugin is actively working on over 5,000 WordPress sites. It has had over 287,600 downloads. There have not been many support requests from end-users. Reviews for Active Directory Integration / LDAP Integration are very positive. Many of the users who left a review found Active Directory Integration / LDAP Integration to be great.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Active Directory Integration / LDAP Integration Login for Intranet Sites. The security problem was fixed and here are the details.
Date | Description | Fixed? |
---|---|---|
10/18/21 | Reflected Cross-Site Scripting This was a medium concern issue that was fixed in version 3.6.95. | Yes |
Authorizer was designed to allow access to a WordPress site using restricted access. Not only does this plugin support LDAP but it works with CAS or an OAuth2 source as well. You can use Authorize to authenticate accounts, handle login access, view who has access, and more. Additional options include limited login attempts and embedding a login form outside of the normal WordPress methods with a shortcode. This plugin is not only available on WordPress.org but on GitHub as well if you wish to help directly contribute to its development.
Plugin Details
This piece of software was initially released by its owner in April of 2015. It is currently on version 3.10.2 and last saw a change on September 26th, 2024. The latest edition functions on WordPress 6.6.2 and requires at least PHP 7.4 to function on your server. This plugin is now functioning on over 5,000 WordPress sites. It has had over 154,380 downloads. There have not been many support requests from end-users. Reviews for this plugin are very positive. Many of the end-users who left a piece of feedback found this plugin to be excellent.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Authorizer. The security problem was fixed and here are the details.
Date | Description | Fixed? |
---|---|---|
11/1/22 | Service Hostname Discovery Exploitation This was a high concern issue that was fixed in version 1.6.0 . | Yes |
Simple LDAP Login
Simple LDAP Login markets itself as the quick and easy way to offer your organization a single login service to your WordPress installation. In addition to OpenLDAP, this plugin works with OpenDS as well. It handles TLS properly, works with existing WordPress usernames to authenticate with LDAP, and offers configuration options to automatically generate WordPress users. LDAP groups can be used to restrict logins which is a very nice feature. All of these settings are built into the plugin’s interface so you don’t have to do any coding at all.
Plugin Details
This plugin was first released by its developer in October of 2008. It is now on version 1.6.1 and last had an update on September 26th, 2024. The latest update runs on WordPress 6.6.2. This plugin is actively operating on over 2,000 WordPress sites. It has had over 105,590 downloads. There have not been many help requests from customers. Reviews for Simple LDAP Login are very positive. Many of the users who left a piece of feedback found Simple LDAP Login to be worthwhile.
wpDirAuth
wpDirAuth is the final WordPress LDAP plugin we’re going to cover in this article. Like the other plugins, the purpose of wpDirAuth is to consolidate all of your logins into one system. This plugin will make a new WordPress account for each user that successfully authenticates. There is no need to manually register with WordPress during this process. wpDirAuth doesn’t disable the default WordPress user system so regular logins and accounts will still function. Privilege control is available also for finer control. The plugin works with all of the most popular LDAP directory services so it’s sure to meet your needs regardless of the setup your organization uses.
Plugin Details
This piece of software was first released by its creator in August of 2007. It is actively on version 1.10.7 and last underwent a change on August 18th, 2023. The latest update operates on WordPress 6.3.5. This plugin is now running on over 800 WordPress sites. It has had over 45,480 downloads. There have not been many assistance requests from users. Reviews for this plugin are very positive. Many of the users who left an evaluation found this plugin to be useful.
Find the Best WordPress Ldap Plugin
That’s the end of our look at WordPress LDAP plugins. Each of these plugins takes advantage of the power of LDAP to make user logins and registrations easier for you or your client’s organizations. Integrate with all of the common protocols and services to streamline the login process.
We recommend giving a few of these plugins a good review before making your final decision. Many of them share common features but there are ways in which they set each other apart. A few offer more robust options and nicer touches like easy-to-user interfaces.
In the end, we hope you’ve found the best WordPress LDAP solution for your site or project.
Interested in More Ways to Enhance WordPress?
LDAP is a great way to make WordPress easier for your users. Our White Label WordPress plugin is another solution you can use to improve the admin experience as well.
White Label was developed to help you customize client sites. Rebrand the login page, create a new admin color scheme, replace logos, edit and remove menus, and much more. Our plugin will make WordPress less confusing to your admin users and easier for you to support.
Check out the complete feature list to learn all of the ways White Label can help. The plugin is under constant development and always seeing new features and capabilities introduced.