How to Add WordPress LDAP Authentication Using a Plugin
Last Updated July 17, 2023
This post is brought to you by White Label for WordPress. Customize the WordPress admin and make life easier for you and your clients.
LDAP, or lightweight directory access protocol, was developed to make it easier for applications to gather user information. Essentially, LDAP is an application protocol that lets you store things like usernames, passwords, and email addresses. Typically, this information is then used for things like authenticating users on websites or apps. There are other applications as well but for today we’re mainly focused on authentication and user management. Why? Because you can actually integrate LDAP into a WordPress website. It’s easy to do thanks to the developer community that has made and released several high-quality WordPress LDAP plugins. We’re going to look at some of those plugins in detail in this post.
Popular WordPress Ldap Plugins
Each of the WordPress LDAP plugins on our list is available at WordPress.org. You can download the plugin file from the site’s repository free of charge and manually upload it to your installation. Or, if you would prefer an easier way, simply install and activate them from the Plugins screen in the WordPress admin.
We have summarized the basic features of each plugin to give you a quick overview of what they can do. Normally, in posts like this, we discuss the premium version of plugins as well. Unusually, none of these plugins offer pro versions that we thought were truly worth discussing. You can get almost everything you could need to integrate LDAP into your WordPress website with these free plugins.
Let’s get started.
authLdap
authLdap is a WordPress plugin developed to let you use your existing LDAP as the authentication source for your WordPress site. This particular plugin sets itself apart because it is not dependent on any single LDAP backend. You get to decide, as the site owner, which LDAP authentication to use. authLdap uses the built-in WordPress user database so that there is a single source of user data always in sync. The extra benefit of this, over just keeping your life simpler, is if you disable LDAP the user entries still exist and are viable for logging in to your WordPress installation.
Plugin Details
This plugin was first released by its developer in August of 2010. It is currently on version 2.6.0 and last underwent a change on March 13th, 2024. The newest release operates on WordPress 6.4.0 and requires at least PHP 7.4 to function on your server. This plugin is currently running on over 6,000 WordPress websites. It has had over 83,130 downloads. There have not been many help requests from customers. Reviews for this plugin are very positive. Many of the end-users who left a review found authLdap to be useful.
Active Directory Integration / LDAP Integration Login for Intranet Sites
Active Directory Integration / LDAP Integration Login for Intranet Sites (quite the mouthful) provides an alternate solution for users to log in to your WordPress site. You can use Active Directory or LDAP, as the plugin name implies, to map attributes to your WordPress user accounts and roles. The plugin also comes with some reporting so you can monitor things like unsuccessful authentication requests. It works with JumpCloud, Synology, OpenDS, and other options as well.
Plugin Details
This plugin was first published by its developer in August of 2015. It is actively on version 5.0.5 and last experienced an update on April 3rd, 2024. The most recent edition operates on WordPress 6.5.2 and requires at least PHP 5.2.0 to run on your server. This plugin is presently working on over 5,000 WordPress websites. It has had over 254,710 downloads. There have not been many assistance requests from users. Reviews for this plugin are very positive. Many of the end-users who left a piece of feedback found this plugin to be worthwhile.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Active Directory Integration / LDAP Integration Login for Intranet Sites. The security problem was fixed and here are the details.
| Date | Description | Fixed? |
|---|---|---|
| 10/18/21 | Reflected Cross-Site Scripting This was a medium concern issue that was fixed in version 3.6.95. | Yes |
Authorizer was designed to allow access to a WordPress site using restricted access. Not only does this plugin support LDAP but it works with CAS or an OAuth2 source as well. You can use Authorize to authenticate accounts, handle login access, view who has access, and more. Additional options include limited login attempts and embedding a login form outside of the normal WordPress methods with a shortcode. This plugin is not only available on WordPress.org but on GitHub as well if you wish to help directly contribute to its development.
Plugin Details
This plugin was initially released by its creator in April of 2015. It is presently on version 3.7.1 and last had an update on March 8th, 2024. The most recent release functions on WordPress 6.4.4 and requires at least PHP 7.4 to run on your server. This plugin is currently running on over 4,000 WordPress sites. It has had over 124,000 downloads. There have been 10 help requests with a 10% response rate. Authorizer has below average support from its owner. Reviews for this plugin are very positive. Many of the users who left an evaluation found Authorizer to be great.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Authorizer. The security problem was fixed and here are the details.
| Date | Description | Fixed? |
|---|---|---|
| 11/1/22 | Service Hostname Discovery Exploitation This was a high concern issue that was fixed in version 1.6.0 . | Yes |
Simple LDAP Login
Simple LDAP Login markets itself as the quick and easy way to offer your organization a single login service to your WordPress installation. In addition to OpenLDAP, this plugin works with OpenDS as well. It handles TLS properly, works with existing WordPress usernames to authenticate with LDAP, and offers configuration options to automatically generate WordPress users. LDAP groups can be used to restrict logins which is a very nice feature. All of these settings are built into the plugin’s interface so you don’t have to do any coding at all.
Plugin Details
This plugin was first released by its owner in October of 2008. It is now on version 1.6.0 and last had an update on July 28th, 2016. The latest edition functions on WordPress 4.7.28. This plugin is now running on over 2,000 WordPress websites. It has had over 102,740 downloads. There have not been many help requests from users. Reviews for Simple LDAP Login are very positive. Many of the customers who left a review found this plugin to be excellent.
wpDirAuth
wpDirAuth is the final WordPress LDAP plugin we’re going to cover in this article. Like the other plugins, the purpose of wpDirAuth is to consolidate all of your logins into one system. This plugin will make a new WordPress account for each user that successfully authenticates. There is no need to manually register with WordPress during this process. wpDirAuth doesn’t disable the default WordPress user system so regular logins and accounts will still function. Privilege control is available also for finer control. The plugin works with all of the most popular LDAP directory services so it’s sure to meet your needs regardless of the setup your organization uses.
Plugin Details
This piece of software was originally published by its developer in August of 2007. It is now on version 1.10.7 and last experienced a change on August 18th, 2023. The most recent edition operates on WordPress 6.3.4. This plugin is actively working on over 800 WordPress sites. It has had over 43,900 downloads. There have not been many assistance requests from customers. Reviews for this plugin are very positive. Many of the customers who left an evaluation found this plugin to be great.
Find the Best WordPress Ldap Plugin
That’s the end of our look at WordPress LDAP plugins. Each of these plugins takes advantage of the power of LDAP to make user logins and registrations easier for you or your client’s organizations. Integrate with all of the common protocols and services to streamline the login process.
We recommend giving a few of these plugins a good review before making your final decision. Many of them share common features but there are ways in which they set each other apart. A few offer more robust options and nicer touches like easy-to-user interfaces.
In the end, we hope you’ve found the best WordPress LDAP solution for your site or project.
Interested in More Ways to Enhance WordPress?
LDAP is a great way to make WordPress easier for your users. Our White Label WordPress plugin is another solution you can use to improve the admin experience as well.
White Label was developed to help you customize client sites. Rebrand the login page, create a new admin color scheme, replace logos, edit and remove menus, and much more. Our plugin will make WordPress less confusing to your admin users and easier for you to support.
Check out the complete feature list to learn all of the ways White Label can help. The plugin is under constant development and always seeing new features and capabilities introduced.
Related Posts from Our WordPress Blog
Check our list of WordPress IP address plugins that you can use to identify visitors by their location and control how they access content.
Learn how to add a WordPress author box to the bottom of your pages and posts. We’ve made a list of the most popular plugins for the job.