• Dear all,

    I’ve been messing around a lot to achieve correct group mapping, and I think I’ve unsuccessfully tried every possible combination…

    I’m trying to log with a user testwpediteur which belongs to wpediteur group. I’ve mapped Editor with wpeditor in configuration.

    Here is what error.log says:

    • testwpediteur logging in
    • about to do LDAP auuthentication
    • connect to LDAP server
    • LDAP authentication successfull
    • Array\n( … [editor] => wpediteur\n …)\n
    • Group filter : “(&(objectClass=groupOfNames)(member=uid=%s,ou=people,dc=annuaire.prepasbio,dc=org))”
    • LDAP Groups : []
    • Role from LDAP Group : ,
    • Role from group mapping: ,
    • No group found in …

    So far, the connection part is OK, but, clearly, my Group filter is not the good one, and I’m looking for the magic formula.

    When I search ldap from my server, here is what I code:

    
    ldapsearch -LLL -D "uid=XXX,ou=people,dc=annuaire.prepasbio,dc=org" -W -b "dc=annuaire.prepasbio,dc=org" "(&(objectClass=groupOfNames)(member=uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org))" cn
    

    and what I get:

    
    dn: cn=membresupa,ou=groups,dc=annuaire.prepasbio,dc=org
    cn: membresupa
    
    dn: cn=wpediteur,ou=groups,dc=annuaire.prepasbio,dc=org
    cn: wpediteur
    

    Last bytes in the configuration screen:

    • I’ve checked “LDAP Groups override role of existing users?”
    • Group-Attribute: cn
    • Group filter : (&(objectClass=groupOfNames)(member=uid=%s,ou=people,dc=annuaire.prepasbio,dc=org))
    • Editeur : wpediteur

    I hope there’s enough matter for anyone to guess the magic formula : many thanks for people’s help !
    Best regards,
    JMarc

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author heiglandreas

    (@heiglandreas)

    Hey @graminou

    As far as I see it you want to use a DN as filter. So you could also use the %dn%-placeholder instead of creating the DN for yourself. So you could rewrite your current group-filter like this:

    (&(objectClass=groupOfNames)(member=%dn%))

    Perhaps that already solves the issue?

    If not, I’d need some more input, but let’s talk about that when this solution doesn’t work.

    Cheers

    Andreas

    Thread Starter graminou

    (@graminou)

    Thanks for such a quick support !

    Unfortunately, this does not work either.
    Here’s the log part :

    • same thing as above, down to group mapping
    • Group Filter: “(&(objectClass=groupOfNames)(member=uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org))”
    • LDAP groups: []
    • Role from LDAP group:
    • user is not in any group that is allowed access

    Still get :
    # ldapsearch -LLL -D "uid=admin_login,ou=people,dc=annuaire.prepasbio,dc=org" -W -b "dc=annuaire.prepasbio,dc=org" "(&(objectClass=groupOfNames)(member=uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org))" cn

    Enter LDAP Password:

    dn: cn=membresupa,ou=groups,dc=annuaire.prepasbio,dc=org
    cn: membresupa

    dn: cn=wpediteur,ou=groups,dc=annuaire.prepasbio,dc=org
    cn: wpediteur

    So I should get in logs :

    • LDAP groups: [membresupa, wpediteur]

    Arrrh, it seems to be so close : frustrating ! ;o)

    Do you need any further data ?
    Cheers,
    JMArc

    Thread Starter graminou

    (@graminou)

    Sorry for the missing code tag… my message is a mess…

    Plugin Author heiglandreas

    (@heiglandreas)

    Sorry for the delay.

    Can you provide me with an excerpt of what your group looks like? Like the output of this command?

    ldapsearch -LLL -D "uid=admin_login,ou=people,dc=annuaire.prepasbio,dc=org" -W -b "dc=annuaire.prepasbio,dc=org" "(&(objectClass=groupOfNames)(member=uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org))"

    Feel free to anonymize the content but I’d need to know what attributes with what kind of value are available.

    Also: What did you configure as Group-Attribute?

    Cheers

    Andreas

    Thread Starter graminou

    (@graminou)

    Thanks for replying so fast, Andreas !

    Here’s some significant excerpt of the output (I have 500 members in the output…) :

    
    dn: cn=membresupa,ou=groups,dc=annuaire.prepasbio,dc=org
    objectClass: groupOfNames
    objectClass: gosaGroupOfNames
    description: Groupe des membres UPA
    gosaGroupObjects: [U]
    cn: membresupa
    member: uid=admin_login,ou=people,dc=annuaire.prepasbio,dc=org
    member: uid=testeur,ou=people,dc=annuaire.prepasbio,dc=org
    (... other 500 members of this group...)
    member: uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org
    
    dn: cn=wpediteur,ou=groups,dc=annuaire.prepasbio,dc=org
    objectClass: groupOfNames
    objectClass: gosaGroupOfNames
    cn: wpediteur
    description:: R3JvdXBlIGRlcyBtZW1icmVzIGF1dG9yaXPDqXMgw6Agw6lkaXRlciBkdSBjb250
     ZW51IHN1ciBsZSBibG9n
    gosaGroupObjects: [U]
    member: uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org
    member: uid=XXX,ou=people,o=Champollion,o=GRENOBLE,dc=annuaire.prepasbio,dc=
     org
    member: uid=arnaud,ou=people,ou=Phys.chimie,dc=annuaire.prepasbio,dc=org
    

    For Group-attribute, I’ve put : cn

    Thanks for all !
    JMarc
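An added example, not part of the thread and not the authLdap plugin's code: an offline check of what the posted filter and Group-Attribute `cn` should yield from the LDIF excerpt above. The sample is the thread's output trimmed to a few members; the function names are hypothetical, and DN comparison by lower-casing is a simplification of what a directory server does.

```python
import base64

# Constructed sample: the thread's LDIF excerpt, trimmed to a few members.
LDIF = """\
dn: cn=membresupa,ou=groups,dc=annuaire.prepasbio,dc=org
objectClass: groupOfNames
cn: membresupa
member: uid=testeur,ou=people,dc=annuaire.prepasbio,dc=org
member: uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org

dn: cn=wpediteur,ou=groups,dc=annuaire.prepasbio,dc=org
objectClass: groupOfNames
cn: wpediteur
description:: R3JvdXBlIGRlcyBtZW1icmVzIGF1dG9yaXPDqXMgw6Agw6lkaXRlciBkdSBjb250
 ZW51IHN1ciBsZSBibG9n
member: uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org
member: uid=XXX,ou=people,o=Champollion,o=GRENOBLE,dc=annuaire.prepasbio,dc=
 org
"""

def parse_ldif(text):
    """Return entries as dicts of lower-cased attribute name -> list of values."""
    # LDIF folding: a line that starts with one space continues the previous line.
    unfolded = text.replace("\n ", "")
    entries = []
    for block in unfolded.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            name, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: value" marks a base64-encoded value
                value = base64.b64decode(rest[1:].strip()).decode("utf-8")
            else:
                value = rest.strip()
            entry.setdefault(name.lower(), []).append(value)
        entries.append(entry)
    return entries

def groups_for(entries, user_dn, group_attribute="cn"):
    """Emulate (&(objectClass=groupOfNames)(member=<user_dn>)), return group_attribute values."""
    wanted = user_dn.lower()  # simplification: case-insensitive string compare of DNs
    found = []
    for e in entries:
        is_group = "groupofnames" in (v.lower() for v in e.get("objectclass", []))
        if is_group and wanted in (m.lower() for m in e.get("member", [])):
            found.extend(e.get(group_attribute.lower(), []))
    return found

ENTRIES = parse_ldif(LDIF)
USER_DN = "uid=testwpediteur,ou=people,dc=annuaire.prepasbio,dc=org"
print(groups_for(ENTRIES, USER_DN))
```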

    Plugin Author heiglandreas

    (@heiglandreas)

    Hm…

    Thanks for the update. It looks like everything is as it should be.

    Which means, that you seem to have found a bug. Congratulations on that!

    Now let’s see how to fix that. I assume you are using version 2.0.3 of the authLdap-plugin.

    Can you add the following code to line 517 of the file authLdap.php?

    authLdap_debug(print_r($groups, true));

    After that there should be some more output in the error-log. Would you mind sending me that? If you like per PM to authldap AT heigl DOT org

    Thread Starter graminou

    (@graminou)

    Call me Mr. Jourdain : I’m a bugtracker who ignores he’s one ;o)

    I actually use 2.0.3 version. Cool !

    See you in MP
    Cheers,
    JMarc

    Thread Starter graminou

    (@graminou)

    (Have you received mail MP ?)

  • The topic ‘Wrong Group-filter’ is closed to new replies.