How to Add WordPress LDAP Authentication Using a Plugin
Last Updated July 17, 2023
LDAP, or lightweight directory access protocol, was developed to make it easier for applications to gather user information. Essentially, LDAP is an application protocol that lets you store things like usernames, passwords, and email addresses. Typically, this information is then used for things like authenticating users on websites or apps. There are other applications as well but for today we’re mainly focused on authentication and user management. Why? Because you can actually integrate LDAP into a WordPress website. It’s easy to do thanks to the developer community that has made and released several high-quality WordPress LDAP plugins. We’re going to look at some of those plugins in detail in this post.
Popular WordPress Ldap Plugins
Each of the WordPress LDAP plugins on our list is available at WordPress.org. You can download the plugin file from the site’s repository free of charge and manually upload it to your installation. Or, if you would prefer an easier way, simply install and activate them from the Plugins screen in the WordPress admin.
We have summarized the basic features of each plugin to give you a quick overview of what they can do. Normally, in posts like this, we discuss the premium version of plugins as well. Unusually, none of these plugins offer pro versions that we thought were truly worth discussing. You can get almost everything you could need to integrate LDAP into your WordPress website with these free plugins.
Let’s get started.
authLdap is a WordPress plugin developed to let you use your existing LDAP as the authentication source for your WordPress site. This particular plugin sets itself apart because it is not dependent on any single LDAP backend. You get to decide, as the site owner, which LDAP authentication to use. authLdap uses the built-in WordPress user database so that there is a single source of user data always in sync. The extra benefit of this, over just keeping your life simpler, is if you disable LDAP the user entries still exist and are viable for logging in to your WordPress installation.
This product was first released by its owner in August of 2010. It is presently on version 2.5.9 and last experienced an update on September 7th, 2023. The most recent edition operates on WordPress 6.3.0 and requires at least PHP 7.4 to run on your server. This plugin is presently operating on over 6,000 WordPress sites. It has had over 73,420 downloads. There have not been many assistance requests from customers. Reviews for this plugin are very positive. Many of the customers who left a review found this plugin to be useful.
Active Directory Integration / LDAP Integration Login for Intranet Sites
Active Directory Integration / LDAP Integration Login for Intranet Sites (quite the mouthful) provides an alternate solution for users to log in to your WordPress site. You can use Active Directory or LDAP, as the plugin name implies, to map attributes to your WordPress user accounts and roles. The plugin also comes with some reporting so you can monitor things like unsuccessful authentication requests. It works with JumpCloud, Synology, OpenDS, and other options as well.
This piece of software was initially released by its owner in August of 2015. It is currently on version 4.1.10 and last experienced a change on September 18th, 2023. The newest edition runs on WordPress 6.3.1 and requires at least PHP 5.2.0 to function on your server. This plugin is actively functioning on over 5,000 WordPress sites. It has had over 225,460 downloads. There have not been many help requests from customers. Reviews for this plugin are very positive. Many of the users who left an evaluation found Active Directory Integration / LDAP Integration to be excellent.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Active Directory Integration / LDAP Integration Login for Intranet Sites. The security problem was fixed and here are the details.
|10/18/21||Reflected Cross-Site Scripting|
This was a medium concern issue that was fixed in version 3.6.95.
Authorizer was designed to allow access to a WordPress site using restricted access. Not only does this plugin support LDAP but it works with CAS or an OAuth2 source as well. You can use Authorize to authenticate accounts, handle login access, view who has access, and more. Additional options include limited login attempts and embedding a login form outside of the normal WordPress methods with a shortcode. This plugin is not only available on WordPress.org but on GitHub as well if you wish to help directly contribute to its development.
This product was initially released by its creator in April of 2015. It is currently on version 220.127.116.11 and last saw a change on April 28th, 2023. The most recent update works on WordPress 6.2.2 and requires at least PHP 7.2.5 to run on your server. This plugin is now operating on over 4,000 WordPress sites. It has had over 115,590 downloads. There have been 3 support requests with a 67% response rate. Authorizer has ok support from its owner. Reviews for this plugin are very positive. Many of the users who left a review found this plugin to be great.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Authorizer. The security problem was fixed and here are the details.
|11/1/22||Service Hostname Discovery Exploitation|
This was a high concern issue that was fixed in version 1.6.0 .
Simple LDAP Login
Simple LDAP Login markets itself as the quick and easy way to offer your organization a single login service to your WordPress installation. In addition to OpenLDAP, this plugin works with OpenDS as well. It handles TLS properly, works with existing WordPress usernames to authenticate with LDAP, and offers configuration options to automatically generate WordPress users. LDAP groups can be used to restrict logins which is a very nice feature. All of these settings are built into the plugin’s interface so you don’t have to do any coding at all.
This piece of software was originally released by its owner in October of 2008. It is now on version 1.6.0 and last underwent a revision on July 28th, 2016. The most recent release functions on WordPress 4.7.26. This plugin is currently functioning on over 2,000 WordPress websites. It has had over 101,980 downloads. There have not been many support requests from users. Reviews for this plugin are very positive. Many of the users who left a piece of feedback found this plugin to be great.
wpDirAuth is the final WordPress LDAP plugin we’re going to cover in this article. Like the other plugins, the purpose of wpDirAuth is to consolidate all of your logins into one system. This plugin will make a new WordPress account for each user that successfully authenticates. There is no need to manually register with WordPress during this process. wpDirAuth doesn’t disable the default WordPress user system so regular logins and accounts will still function. Privilege control is available also for finer control. The plugin works with all of the most popular LDAP directory services so it’s sure to meet your needs regardless of the setup your organization uses.
This product was originally published by its owner in August of 2007. It is actively on version 1.10.7 and last experienced an update on August 18th, 2023. The most recent edition runs on WordPress 6.3.1. This plugin is actively functioning on over 900 WordPress sites. It has had over 42,310 downloads. There have not been many help requests from end-users. Reviews for this plugin are very positive. Many of the end-users who left an evaluation found wpDirAuth to be excellent.
Find the Best WordPress Ldap Plugin
That’s the end of our look at WordPress LDAP plugins. Each of these plugins takes advantage of the power of LDAP to make user logins and registrations easier for you or your client’s organizations. Integrate with all of the common protocols and services to streamline the login process.
We recommend giving a few of these plugins a good review before making your final decision. Many of them share common features but there are ways in which they set each other apart. A few offer more robust options and nicer touches like easy-to-user interfaces.
In the end, we hope you’ve found the best WordPress LDAP solution for your site or project.
Interested in More Ways to Enhance WordPress?
LDAP is a great way to make WordPress easier for your users. Our White Label WordPress plugin is another solution you can use to improve the admin experience as well.
White Label was developed to help you customize client sites. Rebrand the login page, create a new admin color scheme, replace logos, edit and remove menus, and much more. Our plugin will make WordPress less confusing to your admin users and easier for you to support.
Check out the complete feature list to learn all of the ways White Label can help. The plugin is under constant development and always seeing new features and capabilities introduced.
Related Posts from Our WordPress Blog
Prefetching assets is a great way to speed up a website. Check out our list of the best WordPress prefetch plugins to add this functionality.
Adding maps to a retail business website is a common request. Our list of WordPress store locator plugins is sure to help you get started.