I'm trying to add new mapping lines to the "Mapping of LDAP to drupal role (one per line)" long text field under the "Authorization" tab for a particular server. When I try, I get the following messages...

"Editor" does not map to any existing Drupal roles. It will be created when needed. If "Editor" is not intentional, please fix it
"WebDev" does not map to any existing Drupal roles. It will be created when needed. If "WebDev" is not intentional, please fix it
Status message LDAP Authorization LDAP Groups Updated

...which leads me to feel that the configuration was successfully updated. But when I re-edit the server under the "Authorization" tab, I find that the two new mappings/lines did not "stick." Likewise, their associated roles are not created when members of those LDAP roles log in.

This works just fine on a different virtual machine that is a copy of this virtual machine, so I don't know why one machine would work and one would not. I've turned off all caching and cleared the cache.

Someone please help, as this is a production machine and we cannot progress with our work until these roles are created. Any help is greatly appreciated.

Thanks,
John

Comments

geste’s picture

geste CreditAttribution: geste commented

I wonder if duplicate rows are being created in your ldap_authorization table as I am seeing (part of this recent issue: http://drupal.org/node/1588854). I have deleted extra rows and have been editing that single-row table using phpMyAdmin in the meantime as a workaround.

Jim

MrSasquatch’s picture

MrSasquatch CreditAttribution: MrSasquatch commented

I upgraded to beta10 (was on beta9), and now the problem is solved, except now all of my mappings/roles are forced to lower case, which is weird.

johnbarclay’s picture

johnbarclay CreditAttribution: johnbarclay commented
Version: 7.x-1.0-beta9 » 7.x-1.0-beta10
Status: Active » Fixed

the lowercase thing is new; there were so many case sensitivity issues that I wanted to make it clear that everything was simply being converted to lowercase. This may seem odd, but I'm hoping it will help the issue queue and take a step out of trial and error troubleshooting.

I'm marking this as fixed, reopen if this is not the case.

MrSasquatch’s picture

MrSasquatch CreditAttribution: MrSasquatch commented

I still think there needs to be a way to have mixed-case role names.

johnbarclay’s picture

johnbarclay CreditAttribution: johnbarclay commented

I agree. The stored, visible, and created group name should be case sensitive. The comparison and any searching should be case insensitive. I don't want to head down this road though until I have actual ldap test servers; the simpletests do a poor job of cases where the ldap implementation affects behaviour; such as case sensitivity, escaped characters, etc. We are working on some live test ldap installs that the simpletests can run against as well as any user of the ldap module for testing etc.

MrSasquatch’s picture

MrSasquatch CreditAttribution: MrSasquatch commented

Sounds like a great plan. Please keep up your fine work. I don't know what we'd do without your module. It's exactly what we need, and it's working like a charm.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.