Hi I just installed last dev version and after configure my server instance with new group field to IIB noticed that roles and group mapping stopped working. After a bit of research noticed that authorizations was empty:
../ldap_authorization/ldap_authorization.inc :: 423
$authorizations = $ldap_server->groupUserMembershipsFromUserAttr($user_ldap_entry);
because $user_ldap_entry was missing memberof array in 'attr' and funtion returned False.
Strange thing was that server tests were working fine and grapping all groups from memberof.
I managed to fix this in ../ldap_servers/LdapServer.class.php :: function userUserToExistingLdapEntry($user)
Change line 908
from: $user_ldap_entry = $user;
to: $user_ldap_entry = $this->userUserNameToExistingLdapEntry($user['attr'][$this->user_attr][0]);
Comment | File | Size | Author |
---|---|---|---|
#1 | IIBGroupConfiguration.PNG | 42.6 KB | vgalindus |
#1 | IIBMappingWorking.PNG | 43.06 KB | vgalindus |
#1 | IIBMappingError.PNG | 51.99 KB | vgalindus |
Comments
Comment #1
vgalindus CreditAttribution: vgalindus commentedComment #2
vgalindus CreditAttribution: vgalindus commentedAfter debugging a bit into this I noticed that form has no values from the tables mapping. Can anyone confirm this? I think there is some buggy render of the form that makes drupal didn't grab the values from both tables.
Comment #3
johnbarclay CreditAttribution: johnbarclay commentedThe 2.0 version isn't working at the moment. I'm about to wrap up the ldap_server module changes. Once thats done I'll move onto ldap_authorization, ldap_user, ldap_authentication. Here is a related post: http://drupal.org/node/1115704#comment-6560920
In short, some of the fields are moving from ldap_authorization to ldap_servers. These are the group fields that can be reused in group provisioning and other group functionality. Aside from being moved the group membership functions were fixed and added to the test coverage. So now what was authorization IIB and IIC should work without case sensitivity issues and for openldap.
Ldap_authorization will be next since it will just take some tweaking to (1) remove some fields from the UI and (2) use those same values from the server object.
I'll keep the status updated in http://drupal.org/node/1115704 and in the commit messages. Thanks for keeping an eye on things. It will be very helpful if you can keep doing so as I wrap up the alphas of the modules in the next week or so.
Comment #4
johnbarclay CreditAttribution: johnbarclay commentedComment #5
johnbarclay CreditAttribution: johnbarclay commentedThis was fixed some time ago. Please reopen if "Attribute in User Entry Containing Groups" (e.g. memberOf) comes up again in 7.x-2.x-dev.