#213 ldap user search and $ldap_filter not working

Future_Requests
closed
nobody
None
5
2012-08-01
2011-03-31
ismael
No

Hi

i am having some trouble with the rewritten ldap user search part in auth_ldap.inc. With $ldap_debug turned on, i get the log messages:

authValidateUserCallback: Successful authenticated bind checking
authValidateUserCallback: No entry found with filter

I skimmed the noisy part, followed by 'Unknown User' on the frontend. Disabling $ldap_filter the authentication works, but there is no filtering. Running ldapsearch 'distinguishedName=uid=admin,ou=users...' like produced by mrbs 1.4.6, i get no result entry, however ldapsearch 'uid=admin' (1.4.1) runs just fine.

I wrote i temporary patch revoking the change, but i am wondering if there is another way round?

mrbs version => 1.4.6
dpkg -l slapd => 2.4.9-0ubuntu0.8.04.1
php --version => PHP 5.2.4-2ubuntu5.4

Discussion

  • James

    James - 2011-05-09

    By any chance do you have users with commas in their CN?
    I have found the $user_search value generated does not work for users with commas.

    To test if this is the problem add the following to top of authValidateUserCallback function:

    global $ldap_dn_search_attrib;
    $user_search = "$ldap_dn_search_attrib = $user";
    ==========
    If that works you will also need to add it to authLdapGetEmailCallback for email to work.
    I'm unsure why $user_search does not work but is likely due to escaping of comma or escaping of backslash before comma.

    $user_search = "distinguishedName=" . $dn;

     
  • James

    James - 2011-05-19

    Please try the latest SVN version which includes the auth_ldap.php patch I submitted.

     
  • John Beranek

    John Beranek - 2012-08-01

    This should be fixed in the latest version, as James as said.

    • status: open --> closed
    • milestone: --> Future_Requests
     


Anonymous

Cancel  Add attachments