How to Add WordPress LDAP Authentication Using a Plugin
Last Updated July 17, 2023
LDAP, or lightweight directory access protocol, was developed to make it easier for applications to gather user information. Essentially, LDAP is an application protocol that lets you store things like usernames, passwords, and email addresses. Typically, this information is then used for things like authenticating users on websites or apps. There are other applications as well but for today we’re mainly focused on authentication and user management. Why? Because you can actually integrate LDAP into a WordPress website. It’s easy to do thanks to the developer community that has made and released several high-quality WordPress LDAP plugins. We’re going to look at some of those plugins in detail in this post.
Popular WordPress Ldap Plugins
Each of the WordPress LDAP plugins on our list is available at WordPress.org. You can download the plugin file from the site’s repository free of charge and manually upload it to your installation. Or, if you would prefer an easier way, simply install and activate them from the Plugins screen in the WordPress admin.
We have summarized the basic features of each plugin to give you a quick overview of what they can do. Normally, in posts like this, we discuss the premium version of plugins as well. Unusually, none of these plugins offer pro versions that we thought were truly worth discussing. You can get almost everything you could need to integrate LDAP into your WordPress website with these free plugins.
Let’s get started.
authLdap is a WordPress plugin developed to let you use your existing LDAP as the authentication source for your WordPress site. This particular plugin sets itself apart because it is not dependent on any single LDAP backend. You get to decide, as the site owner, which LDAP authentication to use. authLdap uses the built-in WordPress user database so that there is a single source of user data always in sync. The extra benefit of this, over just keeping your life simpler, is if you disable LDAP the user entries still exist and are viable for logging in to your WordPress installation.
This plugin was initially published by its owner in August of 2010. It is actively on version 2.6.0 and last underwent an update on January 7th, 2024. The latest release functions on WordPress 6.4.0 and requires at least PHP 7.4 to function on your server. This plugin is presently functioning on over 6,000 WordPress sites. It has had over 81,600 downloads. There have not been many assistance requests from end-users. Reviews for authLdap are very positive. Many of the customers who left a review found authLdap to be wonderful.
Active Directory Integration / LDAP Integration Login for Intranet Sites
Active Directory Integration / LDAP Integration Login for Intranet Sites (quite the mouthful) provides an alternate solution for users to log in to your WordPress site. You can use Active Directory or LDAP, as the plugin name implies, to map attributes to your WordPress user accounts and roles. The plugin also comes with some reporting so you can monitor things like unsuccessful authentication requests. It works with JumpCloud, Synology, OpenDS, and other options as well.
This product was first published by its creator in August of 2015. It is now on version 5.0.3 and last experienced a change on February 7th, 2024. The newest version works on WordPress 6.4.3 and requires at least PHP 5.2.0 to operate on your server. This plugin is actively functioning on over 5,000 WordPress sites. It has had over 247,710 downloads. There have not been many assistance requests from users. Reviews for Active Directory Integration / LDAP Integration are very positive. Many of the users who left a review found Active Directory Integration / LDAP Integration to be worthwhile.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Active Directory Integration / LDAP Integration Login for Intranet Sites. The security problem was fixed and here are the details.
|Reflected Cross-Site Scripting
This was a medium concern issue that was fixed in version 3.6.95.
Authorizer was designed to allow access to a WordPress site using restricted access. Not only does this plugin support LDAP but it works with CAS or an OAuth2 source as well. You can use Authorize to authenticate accounts, handle login access, view who has access, and more. Additional options include limited login attempts and embedding a login form outside of the normal WordPress methods with a shortcode. This plugin is not only available on WordPress.org but on GitHub as well if you wish to help directly contribute to its development.
This product was initially released by its developer in April of 2015. It is currently on version 22.214.171.124 and last saw an update on April 28th, 2023. The latest update works on WordPress 6.2.4 and requires at least PHP 7.2.5 to function on your server. This plugin is actively operating on over 4,000 WordPress sites. It has had over 118,130 downloads. There have been 4 help requests with a 25% response rate. Authorizer has below average support from its owner. Reviews for this plugin are very positive. Many of the end-users who left a piece of feedback found this plugin to be worthwhile.
Security Issues and Vulnerabilities
There has been one recorded security or vulnerability issue with Authorizer. The security problem was fixed and here are the details.
|Service Hostname Discovery Exploitation
This was a high concern issue that was fixed in version 1.6.0 .
Simple LDAP Login
Simple LDAP Login markets itself as the quick and easy way to offer your organization a single login service to your WordPress installation. In addition to OpenLDAP, this plugin works with OpenDS as well. It handles TLS properly, works with existing WordPress usernames to authenticate with LDAP, and offers configuration options to automatically generate WordPress users. LDAP groups can be used to restrict logins which is a very nice feature. All of these settings are built into the plugin’s interface so you don’t have to do any coding at all.
This product was originally published by its creator in October of 2008. It is now on version 1.6.0 and last saw a revision on July 28th, 2016. The newest version operates on WordPress 4.7.28. This plugin is currently working on over 2,000 WordPress sites. It has had over 102,510 downloads. There have not been many assistance requests from users. Reviews for this plugin are very positive. Many of the customers who left an evaluation found Simple LDAP Login to be useful.
wpDirAuth is the final WordPress LDAP plugin we’re going to cover in this article. Like the other plugins, the purpose of wpDirAuth is to consolidate all of your logins into one system. This plugin will make a new WordPress account for each user that successfully authenticates. There is no need to manually register with WordPress during this process. wpDirAuth doesn’t disable the default WordPress user system so regular logins and accounts will still function. Privilege control is available also for finer control. The plugin works with all of the most popular LDAP directory services so it’s sure to meet your needs regardless of the setup your organization uses.
This plugin was first released by its owner in August of 2007. It is currently on version 1.10.7 and last experienced an update on August 18th, 2023. The most recent version works on WordPress 6.3.3. This plugin is actively functioning on over 900 WordPress websites. It has had over 43,470 downloads. There have not been many assistance requests from customers. Reviews for wpDirAuth are very positive. Many of the users who left an evaluation found wpDirAuth to be excellent.
Find the Best WordPress Ldap Plugin
That’s the end of our look at WordPress LDAP plugins. Each of these plugins takes advantage of the power of LDAP to make user logins and registrations easier for you or your client’s organizations. Integrate with all of the common protocols and services to streamline the login process.
We recommend giving a few of these plugins a good review before making your final decision. Many of them share common features but there are ways in which they set each other apart. A few offer more robust options and nicer touches like easy-to-user interfaces.
In the end, we hope you’ve found the best WordPress LDAP solution for your site or project.
Interested in More Ways to Enhance WordPress?
LDAP is a great way to make WordPress easier for your users. Our White Label WordPress plugin is another solution you can use to improve the admin experience as well.
White Label was developed to help you customize client sites. Rebrand the login page, create a new admin color scheme, replace logos, edit and remove menus, and much more. Our plugin will make WordPress less confusing to your admin users and easier for you to support.
Check out the complete feature list to learn all of the ways White Label can help. The plugin is under constant development and always seeing new features and capabilities introduced.
Related Posts from Our WordPress Blog
Run a news organization’s website or provide a form of online journalism? You might need a WordPress news ticker plugin for your front page.
Every religion organization’s website needs a way to manage sermons. Check out our list of the best WordPress sermon plugins to help.