I’m using a couple of plugins to integrate with our LDAP/AD server – that plugin adds a bit of user meta when it successfully auths/creates a wp user. I’m also using the Ultimate Members plugin to control roles etc.
What I need to do is ensure anyone that signs in with their ldap creds gets assigned the ldap UM role. So here’s the PHP I got thus far.
global $ultimatemember;
global $user_ID;
$key = 'ad_integration_account_suffix';
$single = true;
$ldap_user=get_user_meta( $user_ID, $key, $single ); // core WP coe to get a users meta info - we are assigning it a variable
echo '<p>The '. $key . ' value for user id ' . $user_ID . ' is: ' . $ldap_user . '</p>'; // some debug stuff - take this out
um_fetch_user( $user_ID ); // set UM user id to retrieve
if($ldap_user !== '') { // if the ldap user key is not null then its populated and thus this user is a member of AD
$ultimatemember->user->set_role('ldap_user'); // so set the UM user to be a member of the ldap_user role/group.
}
Now, I think there’s some issues with the above ie I assume that it also needs to be wrapped in a function? Where do I stick this php snippet so its called upon sign-in? I also probably should first check to see if the user is already in the ldap_user group and if so we don’t need to continue with the rest of the checks/set’s etc.
I suggest to create your own plugin to handle your LDAP functionalities. With it, use the
wp_login
hook to trigger your code on log in.If you never created a plugin in WordPress, here is how to do it in few steps:
wp-content/plugins/
– let’s call itldap-authentication
Inside, create a new PHP file (let’s call it
ldap-authentication.php
) and add the following comment at the top:And to hook on wp_login, do the following (I changed a bit your code to reflect the use of the
WP_User
object):If you want to know if the user is in the
ldap_user
group, you can use the following:You might also look into the Gravity Forms plugin (with the Registration add on) With this you can have a registration form that assigns custom roles all on the frontend of the site. As well as the ability for your users to edit their profiles (on the front end also).
I’ve built a couple of membership sites with protected areas and we’ve used the gravity forms plugin to handle the registrations as well as Justin Tadlock’s Members plugin to handle the roles/capabilities for the new users