I've been unable to create users with optional "ldapdata" attributes. I traced the problem down to the generated LDIF : some attributes had "empty" values and so, the syntax is incorrect. Example :

dn: uid=cc,ou=uu,dc=x,dc=y
objectClass: top
objectClass: inetOrgPerson
objectClass: MyorgUser
uid: cc
mail: valid.mail@address.com
givenName: xx
sn: xx
cn: xx
userPassword: xx
orgMyOrgJID:
labeledURI: my.web.address
l:

I had a look at the LDAP logs and figured out the problem in this LDIF was the optional orgMyOrgJID which had not a correct syntax (i.e. empty).

So I had to patch line 1831 (use "!empty" instead of "isset") in ldapprov.module :

replace
if (isset($ldapdata_options[$attribute]) && $ldapdata_options[$attribute] > 0 && isset($data['ldap_'. $attribute]) ) {
with
if (isset($ldapdata_options[$attribute]) && $ldapdata_options[$attribute] > 0 && !empty($data['ldap_'. $attribute]) ) {

And it works !

Comments

miglius’s picture

miglius CreditAttribution: miglius commented
Status: Needs review » Fixed

Committed. Thanks!

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

  • Commit 7778470 on master, 6.x-2.x, 6.x-1.x by miglius: 
    ldap_provisioning: ldapdata attribute should not be empty, #361067 by...

  • Commit 7778470 on master, 6.x-2.x, 6.x-1.x by miglius: 
    ldap_provisioning: ldapdata attribute should not be empty, #361067 by...