I have a weird issue. It seems that LDAP_Authorisation can see my roles and the group memberships (See first attachment)
However the roles aren't actually being granted to the user despite the configuration (See second attachment) being apparently correct (It passes the included drupal role test)
The message in the log is:
LdapAuthorizationConsumerAbstract grantsAndRevokes() method log. action=grant:
no actions
| Comment | File | Size | Author |
|---|---|---|---|
| #9 | 1548102.patch | 1.08 KB | johnbarclay |
| Edit LDAP Authorization Configuration - Intranet.png | 163.23 KB | Homotechsual | |
| Test LDAP Authorization Configuration - Intranet.png | 30.3 KB | Homotechsual |
Comments
Comment #1
CAPSLOCK2000 commentedTry switching your Drupal roles to lower-case. That seems to have fixed my problems with groups not being assigned.
Comment #2
johnbarclay commentedIf this is case sensitive its a bug. Please confirm that this is the case.
Comment #3
Homotechsual commentedI can't test this yet - having issues with the server we use for our intranet atm. Once we replace the hardware this week I'll get back to you on whether or not case makes a difference.
Comment #4
Homotechsual commentedComment #5
figtree_development commentedI am having this same issue. when I try to map in section III, using the pattern
{ldap group} | group-name="MY Group", group-role=member
Returns an error stating that the group and role does NOT exist and it DOES!
UPDATE: here is the ERROR
"group-name=GroupNAME,role-name=member" does not map to any existing organic groups and roles. Since automatic organic group creation is not possible with this module, an existing group must be mapped to.
when I try to map using the pattern:
{ldap group} | gid=2,rid=2
Saves and returns, however only working in testing, DOES NOT work when enabled. I am also mapping to other roles I dont know if that causes a conflict.
Thoughts?
Comment #6
johnbarclay commentedI'll look further into this. The organic groups configuration (comment #5) may simply not work. It hasn't been tested outside of myself and the unit tests. The drupal group authorisation sounds like case sensitivity. In either case, the ball is in my court on this issue.
Comment #7
figtree_development commentedIf the OG Auth. simply doesn't work. Can you recommend another way to tie OG group membership to LDAP? We currently have your module working to tie LDAP Auth. to roles, but now have a need to tie groups in.
Comment #8
johnbarclay commentedI'm not sure of another method unless there is a module to bridge drupal roles to og groups. Seems like such a thing might exist. I'm not familiar with organic groups.
You might try the patch at http://drupal.org/node/1477540#comment-5938894
This thread should be moved there also as you accidentally hijacked a ldap authorization to drupal roles thread.
Comment #9
johnbarclay commentedI can recreate this. With a mixed case drupal role "Campus Accounts", any mapping regardless of whether the cases match fails. Attached is a patch for this that basicall stores the role to role id associative array keys in lower case. I'm committing this because its an obvious fix and does not break unit tests. BTW the case sensitivity in the unit tests is for the ldap attributes being mixed case, so a mixed case drupal role name was not being tested.
Comment #10
johnbarclay commentedComment #11
johnbarclay commentedComment #12
johnbarclay commentedComment #14
bailey86 commentedWe used the filter and the role mapping to get around this. This means that our LDAP groups still have capitals in them - when Drupal roles are created they then use the mapped values - i.e. all lowercase - and this in turn means that the user account gets assigned to the role correctly.
Comment #15
bailey86 commentedComment #16
johnbarclay commentedThis seems like a duplicate of #1607024: authorization drupal role not mapping roles because of case mismatch.. I'm closing this as a duplicate. Follow up in #1607024: authorization drupal role not mapping roles because of case mismatch. for any case sensitivity issues in authorization.