Menu
▾
▴
#58 ldap (AD) Directroy Searching not working
in 2.6 when trying to share a file with a non-registered user from the ldap/AD directory (login is working with LDAP/AD Authentication) data is not pulled from directory.
Directory is set to LDAP in the config.
Searching for a user pops up a and expansion of the the share file dialog:
"Can't find who you're looking for?"
(Checkbox) "Search the entire MYCOMPANY directory."
Checking the box, and typing a known name or user id, brings back no hits, and there are no errors in the log.
This is what I see as well. It will look up users who have logged into FileLocker however, it seems to use the LDAP info to try and find the local user object.
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
I set up a instance of 2.4.5 and ldap directory searching works there, with the same setting. I did have to be more specific about the bind dn as I think originally it was bringing back to many entries.
Last edit: Anonymous 2013-11-21
So this does work in 2.4.5 and is now broken in 2.6? I haven't had an Active Directory instance to test against during this update, since it's been a bit of a shot in the dark. I'll compare the code for 2.4.5 and see if I can track down what might be causing the discrepancy in whether results are being returned or not.
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
Correct, working in 2.4.5 not in 2.6 with same configuration
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
Anyway to increase logging, to get some output somewhere of what is going on behind the scenes?
I'm seeing the same behavior. In my case the LDAP server is OpenDJ rather than AD, but I don't think that matters. I can confirm that no query is issued to the LDAP server, even if the "Search the entire"... box is checked. This is 2.6 from SVN r940.
I too am seeing this issue. I get the following error with using revision r954:
Details: Error while searching for users: 'list' object has no attribute 'get'
I'm connected to an AD domain.
AD returns referral entries which happen to confuse filelocker code.
we have implemented a fix for this problem. Let me know if you are interested
I have this issue. I'm using AD and Filelocker 2.6. AD integrated authentication works fine, but not the "search the entire directory" option. It worked fine in 2.4.5.
I know this is an old thread, but I'm hoping Xorcize or someone else will post a fix.
I realize that this is an old thread. However as I'm closing out as many issues as I can before releasing 2.6, I cannot reproduce this. I'm not sure if it was fixed by some of the other LDAP enhancements, or if my AD config just doesn't trigger the issue. Either way, If any of you folks are still watching this, could you test again with 2.6 from trunk and let me know if it is still an issue? and if so, Xorcize I am interested in seeing how you fixed this.
Thanks:
-David
I'm encountering this issue when using Filelocker 2.6.1 and Active Directory. The LDAP query returns a few referrals, which Filelocker can't handle. Attached is the fix which worked for my environment.