Re: [openupload-devel] OpenUpload v0.4.1 released

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

ok. It's failing to find your user  group membership. That should be 
done by the 'uid' field, which is used to query the AD on group membership.

$filter = 
'(&('.$this->config['sgid'].'='.$result['uid'].')(objectclass='.$this->config['groupclass'].'))';

shold come out as
  (&(member=CN=Weir\, 
Jason,OU=Administrators,DC=nhrs,DC=org)(objectclass=group))

I suppose the problem is the "\," maybe. I need to do some tests.

Alessandro

Weir, Jason ha scritto:
> I tried using the new LDAP config options here
> 
> $CONFIG['ldap']['host'] = 'hostname';
> $CONFIG['ldap']['type'] = 'AD';
> $CONFIG['ldap']['user'] = 'username'; 
> $CONFIG['ldap']['password'] = 'password';
> $CONFIG['ldap']['domain'] = 'nhrs.org'; 
> $CONFIG['ldap']['basedn'] = 'dc=nhrs,dc=org'; 
> $CONFIG['ldap']['userdn'] = 'dc=nhrs,dc=org'; 
> $CONFIG['ldap']['userclass']='user';
> $CONFIG['ldap']['uid']='sAMAccountName';
> $CONFIG['ldap']['userfields'] = array ( 'samaccountname'
> =>'login','name' => 'name', 'mail' => 'email', 'distinguishedname'
> =>'uid');
> $CONFIG['ldap']['groupdn'] = 'dc=nhrs,dc=org';
> $CONFIG['ldap']['groupclass']='group';
> $CONFIG['ldap']['gid']='member';
> $CONFIG['ldap']['groupfields'] = array ( 'samaccountname' =>
> 'name','name' => 'description' );
> 
> Definitely looks like LDAP is not finding the correct group..  I get
> authenticated just fine but not assigned any groups..
> 
> Just to make sure we are using the correct LDAP names, here is what I
> see in my AD..
> 
> group info:
> Cn = OpenUpload Admins
> Distinguishedname = CN=OpenUpload Admins,OU=Groups,DC=nhrs,DC=org
> Name = OpenUpload Admins
> Member = list of users distinguished names as below
> 
> User info:
> Cn = Weir, Jason
> Distinguishedname = CN=Weir\, Jason,OU=Administrators,DC=nhrs,DC=org
> Mail = jas...@nh...
> sAMAccountName = jweir
> Name = Weir, Jason
> 
> I log in with jweir and I am a member of the OpenUpload Admins group.
> 
> Any ideas?
> -J
> 
> 
> -----Original Message-----
> From: Alessandro Briosi [mailto:ts...@br...] 
> Sent: Monday, August 31, 2009 4:35 PM
> To: OpenUpload Delvel and General talk
> Subject: Re: [openupload-devel] OpenUpload v0.4.1 released
> 
> 
> ok, could you try the new version with this settings, just to be sure.
> There were problems using previous version afair.
> 
> Alessandro
> 
> Weir, Jason ha scritto:
>> I have a few differences
>>
>> $CONFIG['ldap']['user'] is set to the username and does not include 
>> the @domain
>>
>> Here are some other differences.
>>
>> $CONFIG['ldap']['uid']='samaccountname';
>> $CONFIG['ldap']['userfields'] = array ( 'cn' => 'login', 'name' => 
>> 'name', 'memberof' => 'group_id', 'mail' => 'email'); 
>> $CONFIG['ldap']['groupdn'] = 'dc=nhrs,dc=org'; 
>> $CONFIG['ldap']['groupclass']='group';
>> $CONFIG['ldap']['gid']='distinguishedname';
>> $CONFIG['ldap']['groupfields'] = array ( 'cn' => 'name', 'name' => 
>> 'description' )
>>
>> -J
>>
>>
>> -----Original Message-----
>> From: Alessandro Briosi [mailto:ts...@br...]
>> Sent: Monday, August 31, 2009 4:03 PM
>> To: OpenUpload Delvel and General talk
>> Subject: Re: [openupload-devel] OpenUpload v0.4.1 released
>>
>>
>> Yes, acl are in the db, just some guess. But the Administration menu
>> should depend on the ACL.
>>
>> I also introduced a change which should fix the difference between ad
>> and ldap group search. (It works for me as I tested it)
>>
>> Is this what you are using?
>> /* Active Directory */
>> $CONFIG['ldap']['host'] = '<host>';
>> $CONFIG['ldap']['type'] = 'AD';
>> $CONFIG['ldap']['user'] = '<user>@<ad domain>'; 
>> $CONFIG['ldap']['password'] = '<password>'; $CONFIG['ldap']['domain'] 
>> = '<ad domain>'; $CONFIG['ldap']['basedn'] = 'dc=<ad domain 1>,dc=<ad 
>> domain 2>'; $CONFIG['ldap']['userdn'] = 'dc=<ad domain 1>,dc=<ad 
>> domain 2>'; $CONFIG['ldap']['userclass']='user';
>> $CONFIG['ldap']['uid']='sAMAccountName';
>> $CONFIG['ldap']['userfields'] = array ( 'samaccountname' =>
>> 'login','name' => 'name', 'mail' => 'email', 'distinguishedname' =>
>> 'uid');
>> $CONFIG['ldap']['groupdn'] = 'dc=<ad domain 1>,dc=<ad domain 2>';
>> $CONFIG['ldap']['groupclass']='group';
>> $CONFIG['ldap']['gid']='member';
>> $CONFIG['ldap']['groupfields'] = array ( 'samaccountname' => 'name',
>> 'name' => 'description' );
>>
>>
>> where <ad domain> is something like mydomain.local (and ad domain 1 =
>> mydomain and ad domain2 = local)
>>
>> Just to be sure I haven't lost some configuration...
>>
>> Alessandro
>>
>> Weir, Jason ha scritto:
>>> Did something change in the LDAP routines from 0.4.0?  Isn't ACL data
> 
>>> stored in the DB?
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Alessandro Briosi [mailto:ts...@br...]
>>> Sent: Monday, August 31, 2009 2:42 PM
>>> To: OpenUpload Delvel and General talk
>>> Subject: Re: [openupload-devel] OpenUpload v0.4.1 released
>>>
>>>
>>> hmm, seems to be an acl problem. Maybe LDAP not finding the right
>> groups
>>> (?)
>>>
>>> Alessandro
>>>
>>> Weir, Jason ha scritto:
>>>> After the upgrade I no longer had the "Administration" button at the
>>>> top of the page..  I restored the old files and it's back..
>>>>
>>>> -J
>>>>
>>>> -----Original Message-----
>>>> From: Alessandro Briosi [mailto:ts...@br...]
>>>> Sent: Monday, August 31, 2009 11:03 AM
>>>> To: OpenUpload Delvel and General talk
>>>> Subject: Re: [openupload-devel] OpenUpload v0.4.1 released
>>>>
>>>>
>>>> This is from 0.4
>>>>
>>>> 1. Backup database and direcories.
>>>> 2. keep the config.inc.php and the data directory (and eventually 
>>>> the template modifications you have made) (rename the folders) 3. 
>>>> replace all files (beside the data) 4. put back the config.inc.php 
>>>> and other modified files (templates)
>> 5.
>>>> check directory permissions (templates_c must be writable) 6. Go to
>>> the
>>>> administration and check that the ACLs are as expected. 7. Check 
>>>> that everything is working fine.
>>>>
>>>> Alessandro
>>>>
>>>> P.S. No updates to the database where made.
>>>>
>>>> Weir, Jason ha scritto:
>>>>> What's the recommended upgrade procedure?
>>>>>
>>>>> -J
>>>>>
>>>>> -----Original Message-----
>>>>> From: Alessandro Briosi [mailto:ts...@br...]
>>>>> Sent: Friday, August 28, 2009 11:01 AM
>>>>> To: OpenUpload Delvel and General talk
>>>>> Subject: [openupload-devel] OpenUpload v0.4.1 released
>>>>>
>>>>>
>>>>> I'm pleased to announce that I just released version 0.4.1 of Open 
>>>>> Upload.
>>>>>
>>>>> It's mainly a bug fix release, but introduces some new feature. You
> 
>>>>> are encouraged to upgrade (DO A BACKUP BEFORE!)
>>>>>
>>>>> As always report bugs.
>>>>>
>>>>> Ejnoy,
>>>>> Alessandro
>>>>>
>>>>> Changelog from release 0.4 to 0.4.1
>>>>>
>>>>> * Database
>>>>>    - MSSQL support. by Leonardo F. Cardoso (leocardoso)
>>>>>
>>>>> * Translations
>>>>>    - Added  Brazilian Portuguese. by Leonardo F. Cardoso
>> (leocardoso)
>>>>> * Mime types
>>>>>    - Now mime types try to be handled on the server (see bugs)
>>>>>
>>>>> * Plugins
>>>>>    - Add multiple recipients option to email plugin (; separated
>>>>> list)
>>>>>
>>>>> * Bugs fixed
>>>>>    - Mime handling is now done on the server if supported.
>>>>>    - Handle strange AD behavier with blank passwords
>>>>>    - Handle magic_quotes_gpc if enabled, which caused problems with
>>>> strong passwords
>>>>>    - New mysql versions don't allow an empty string for date/time
>>>>>    - Missing activity_log structure from sql files
>>>>>    - Report a message if php fails moving around the files.
>>>>>    - A few other minor fixes.
> 
> 
> _____________________________________________________________________________________________
> 
> Please visit www.nhrs.org to subscribe to NHRS email announcements and updates.
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
> trial. Simplify your report design, integration and deployment - and focus on 
> what you do best, core application coding. Discover what's new with 
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Openupload-devel mailing list
> Ope...@li...
> https://lists.sourceforge.net/lists/listinfo/openupload-devel