Hi,

When I try to log in with an AD user, it authenticates no problem but fails to pull in and create the groups from AD. I get this error message posted in the log file.

PDOException: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'name' at row 1: INSERT INTO {role} (name, weight) VALUES (:db_insert_placeholder_0, :db_insert_placeholder_1); Array ( [:db_insert_placeholder_0] => cn=planning,ou=planning,ou=tadcaster,ou=innserve,dc=innserve,dc=local [:db_insert_placeholder_1] => 3 ) in drupal_write_record() (line 6851 of /var/www2/includes/common.inc).

Any help would be appreciated.

Thanks Dan

Comments

johnbarclay’s picture

Assigned: Unassigned » johnbarclay
Category: bug » support

There are a number of issues:

You are using the wrong version of ldap. Use the 7.x-1.x branch, not 2.x.
The group name you are using is too long for the db field in the role table: (cn=planning,ou=planning,ou=tadcaster,ou=innserve,dc=innserve,dc=local)

Try using the filter:
cn=planning,ou=planning,ou=tadcaster,ou=innserve,dc=innserve,dc=local|planning

to map that big name to a smaller role.

danharper’s picture

Version: 7.x-2.x-dev » 7.x-1.x-dev

Sorry, I am using 7.x-1.x-dev.

When you say use the filter, do you mean adding that to the LDAP USER TO DRUPAL USER RELATIONSHIP box?

I have tried that and it came back with the same error message. I do not have any roles created in Drupal yet other than the default ones, and so when my users start logging in I would like all the roles to be created.

Cheers Dan

johnbarclay’s picture

Title: Group creation fail » Authorization:Roles: Long drupal roles need better error catching.
Component: Miscellaneous » Code
Assigned: johnbarclay » Unassigned
Category: support » bug

Yes. In 3A.

Thanks for pointing this out. I'm changing this to a bug, so the validation is fixed. The code that needs to be changed is in the error catching. It should check for role name length and watchdog the result. The authorization test page should also flag long roles.

danharper’s picture

The role name length should only be the same as the group name, if I'm not mistaken, and my AD groups have 20 characters maximum, so it doesn't explain why they're not being created.

Thanks Dan

johnbarclay’s picture

It's trying to create the role:

"cn=planning,ou=planning,ou=tad caster,ou=innserve,dc=innserve,dc=local"

Map it as follows:

cn=planning,ou=planning,ou=tad caster,ou=innserve,dc=innserve,dc=local|planning or some such.

I'm just guessing since I don't know your configuration. If this doesn't help, post your configuration as directed in the create issue instructions.

danharper’s picture

I haven't got anything in box 3A as I don't have any Drupal roles created and I am not trying to map them.

In box 2B I have this ticked and memberOf in the box. When a user logs in I would like it to create all the groups they're a member of as Drupal roles. I am not trying to map roles to an OU.

Thanks Dan

johnbarclay’s picture

Category: bug » support
Status: Active » Postponed (maintainer needs more info)

I see. Let us know your configuration and we may be able to help.

danharper’s picture

Background:
I am currently using Drupal 6.22 with the ldap_integration module installed. The way that works is, when a user logs in, if they are already in AD they get authenticated and all the relevant Drupal roles added that match the groups they're a member of. If there is a security group the user is a member of that does not exist as a Drupal role, the role is automatically created. I am trying to replicate this in Drupal 7.4 with the ldap module as I need to upgrade fairly shortly.

The problem is stated in the first post: when I try to log in with some Active Directory credentials it authenticates me and logs me in but shows the following error message.

PDOException: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'name' at row 1: INSERT INTO {role} (name, weight) VALUES (:db_insert_placeholder_0, :db_insert_placeholder_1); Array ( [:db_insert_placeholder_0] => cn=planning,ou=planning,ou=tadcaster,ou=innserve,dc=innserve,dc=local [:db_insert_placeholder_1] => 3 ) in drupal_write_record() (line 6851 of /var/www2/includes/common.inc).

Current config.
Drupal 7.4
ldap 7.x-1.0-beta2

ldap config
Microsoft Active Directory
all users are in many OU containers under the following OU containers
OU=Tadcaster,OU=INNSERVE,DC=innserve,DC=local
OU=Sunderland,OU=INNSERVE,DC=innserve,DC=local

All users are members of specific security groups. I thought that these security groups could be mapped to Drupal roles automatically using the memberOf attribute; this is how it worked in ldapgroups previously.

ldap module config
SERVERS
One server setup, AD Ldap
Base DNs for LDAP user entries
OU=Tadcaster,OU=INNSERVE,DC=innserve,DC=local
OU=Sunderland,OU=INNSERVE,DC=innserve,DC=local

User Name Attribute
sAMAccountName

AUTHORIZATION
Derive Drupal Roles by Attribute used with memberOf added for attribute

ldap to drupal role mapping and filtering: nothing added, as I have no Drupal roles created and I want all the security groups a user is a member of.

On a side note, I have created a development environment that mirrors my D6 installation and I will be running through an upgrade to D7. My whole login requirements rely on ldap, so what would be the best way of doing this, having ldap_integration already installed?

Thanks Dan

johnbarclay’s picture

Category: support » bug
Status: Postponed (maintainer needs more info) » Needs work

Thanks for the detailed info. Your setup should work so I'm changing this to a bug. I use the same configuration with filtering so it should be easy to test.

As far as your old ldap_integration data, since there's no upgrade path, I would just delete the old ldap tables and remove the authmaps; see #1183192: Authentication: Duplicate entry in modules/user/user.module

johnbarclay’s picture

Assigned: Unassigned » johnbarclay
Status: Needs work » Needs review

This is committed to head. Please test. There is a check for long drupal roles and the ability to map a drupal role to the value of the first DN attribute. This is configured in the ldap authorization interface.

I added a simpletest for this. It's the second from the last test in ldap_autorization/tests/Derivations.test testDeriveFromAttr()

danharper’s picture

Title: Authorization:Roles: Long drupal roles need better error catching. » Still not working as expected.

Hi John,

The module now lets me log in and it creates roles for the user, but I am a little confused about how this is supposed to work, as the names of the roles it has created are as follows:

CN=IT,OU=IT,OU=TADCASTER,OU=INNSERVE,DC=INNSERVE,DC=LOCAL
CN=DOMAIN USERS,CN=USERS,DC=INNSERVE,DC=LOCAL

My user dharper is a member of the following security groups (not OU containers):

Domain Admins
Domain Users
IT
Planning
System Support
UAT
unixusers

I would expect that when I log in the above are created as Drupal roles, and not the ones that have been.

My user sits in the following OU container
OU=IT,OU=TADCASTER,OU=INNSERVE,DC=INNSERVE,DC=LOCAL

Hope this makes sense.

Thanks Dan

danharper’s picture

Ahah,

I ticked the box which reads

Convert full dn to value of first attribute. e.g. cn=admin group,ou=it,dc=ad,dc=nebraska,dc=edu would be converted to admin group

and everything works as expected. Many thanks.

Dan

johnbarclay’s picture

Category: bug » support
Status: Needs review » Closed (works as designed)

The role name
"cn=planning,ou=planning,ou=tadcaster,ou=innserve,dc=innserve,dc=local"
is too long for a role name. Try something shorter.

One approach is to map that dn to a role in the mapping/filter dialog:
Another approach is:

cn=planning,ou=planning,ou=tadcaster,ou=innserve,dc=innserve,dc=local|planning

in the filter dialog box.
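
The two checks this thread ends up with (reject role names that do not fit the column, and reduce a full DN to the value of its first attribute) can be run over a user's memberOf values before the option is enabled. The following is an added example, not code from the ldap module: the function names, the 64-character limit (the `name` column of Drupal 7's `{role}` table) and the sample DNs beyond those quoted above are assumptions. It also reports a case the thread does not discuss: groups in different OUs that share a CN collapse to the same role once the DN is shortened.

```python
import re
from collections import defaultdict

ROLE_NAME_MAX = 64  # assumption: varchar(64) `name` column of Drupal 7's {role} table

def first_rdn_value(dn):
    """Return the value of the first RDN, e.g. 'cn=planning,ou=x' -> 'planning'."""
    # Take everything up to the first comma that is not backslash-escaped.
    rdn = re.match(r'((?:\\.|[^\\,])*)', dn).group(1)
    _attr, sep, value = rdn.partition('=')
    if not sep or not value:
        raise ValueError(f"not a DN: {dn!r}")
    # One left-to-right pass: '\2C' style hex pairs are decoded one byte at a
    # time (multi-byte UTF-8 escapes are out of scope), '\,' becomes ','.
    return re.sub(r'\\(?:([0-9a-fA-F]{2})|(.))',
                  lambda m: chr(int(m.group(1), 16)) if m.group(1) else m.group(2),
                  value).strip()

def audit_member_of(member_of):
    """Derive short role names; flag over-long names and DN collisions."""
    by_role = defaultdict(set)
    for dn in member_of:
        # cn values match case-insensitively in LDAP, so compare in lower case.
        by_role[first_rdn_value(dn).lower()].add(dn.lower())
    return {
        "roles": sorted(by_role),
        # Full DNs that would overflow the column if used as the role name.
        "dn_too_long": [dn for dn in member_of if len(dn) > ROLE_NAME_MAX],
        # Short names that are still too long after conversion.
        "role_too_long": [r for r in by_role if len(r) > ROLE_NAME_MAX],
        # Distinct groups that end up granting the same Drupal role.
        "collisions": {r: sorted(d) for r, d in by_role.items() if len(d) > 1},
    }

# Constructed sample: the first three DNs appear in the thread, the last two
# are made up to show a same-CN collision and an escaped comma.
SAMPLE = [
    "CN=IT,OU=IT,OU=TADCASTER,OU=INNSERVE,DC=INNSERVE,DC=LOCAL",
    "CN=DOMAIN USERS,CN=USERS,DC=INNSERVE,DC=LOCAL",
    "cn=planning,ou=planning,ou=tadcaster,ou=innserve,dc=innserve,dc=local",
    "cn=planning,ou=planning,ou=sunderland,ou=innserve,dc=innserve,dc=local",
    r"cn=Support\, System,ou=it,dc=innserve,dc=local",
]

if __name__ == "__main__":
    for key, val in audit_member_of(SAMPLE).items():
        print(key, "->", val)
```

A non-empty `collisions` entry means the shortened name is ambiguous; an explicit `full dn|role` line in the mapping/filter box keeps those groups apart.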