I am having trouble grabbing the second value from a multivalue variable. My first value is username. When I validate against LDAP, it creates a role that is the same as my username (stephen_r). I want it to grab the second variable, which is the role. Any thoughts? Thanks.

I am using Group by entry.

Comments

miglius’s picture

Status: Active » Postponed (maintainer needs more info)
Issue tags: +ldapgroups

Please paste here your exact ldapgroups settings, we need your configuration to troubleshoot.

gettysburger’s picture

Thanks. Here they are.

gettysburger’s picture

I'm back on this issue trying to get LDAP Groups to work. It worked for me before when they were set externally, but they have not worked for me since they went into the admin section.

I have been using the dev from March 30, so I tried the May 9th and have gotten an error:

• warning: ldap_get_option(): supplied argument is not a valid ldap link resource in /srv/www/htdocs/sites/all/modules/ldap_integration/includes/LDAPInterface.inc on line 82.
• warning: ldap_errno(): supplied argument is not a valid ldap link resource in /srv/www/htdocs/sites/all/modules/ldap_integration/includes/LDAPInterface.inc on line 167.
• warning: ldap_error(): supplied argument is not a valid ldap link resource in /srv/www/htdocs/sites/all/modules/ldap_integration/includes/LDAPInterface.inc on line 167.

The third line looks like a typo? ldap_errno()

I also tried uninstalling Persistent Login because I read that people were having trouble with that killing their Groups sync. No luck. Thanks.

gettysburger’s picture

BTW, my IT guy tells me we are working with a Novell system. Would that make a difference as to which settings I should be using? Thanks.

gettysburger’s picture

This was my old ldapgroups.php file that worked just fine:

function ldapgroups_role_mappings() {
  return array(
    // LDAP group: Staff => Drupal role: hcc staff
    // 'cn=Staff' => 'hcc staff',
    // 'cn=Faculty' => 'hcc faculty'
    // Make sure the last group->role mapping does NOT have a trailing comma (,).
    // 'cn=admin,ou=Group,dc=example,dc=com' => 'IT'
    'Staff' => 'Staff',
    'Student Worker' => 'Staff',
    'Faculty' => 'Faculty',
    'Adjunct Faculty' => 'Adjunct Faculty'
    // 'Student' => 'Registered Student'
    // 'cn=Faculty' => 'hcc faculty'
  );
}

/**
 * Note: Uncommenting this function will limit the groups -> roles conversion to ONLY those groups that are
 * specified in the function ldapgroups_role_mappings().
 */

function ldapgroups_roles_filter($groups) {
  $roles = array();
  // This should take the roles array, pass it thru the filters and send a NEW set of roles back the filter.
  foreach ($groups as $group) {
    foreach (ldapgroups_role_mappings() as $approved_group => $approved_role) {
      // Must strip spaces?
      $group_stripped = preg_replace('/\s+/', '', $group);
      $approved_group_stripped = preg_replace('/\s+/', '', $approved_group);
      if (strcasecmp($approved_group_stripped, $group_stripped) == 0) {
        // This role is specified - grant.
        $roles[] = $approved_role;
      }
    }
  }
  return $roles;
}

I am not able to get this to work with the updated internal interface. Any thoughts? Thanks.

miglius’s picture

ldap_errno() is not a typo, but a valid function http://lt.php.net/manual/en/function.ldap-errno.php

It looks like the connection to the LDAP server is not established. Please look at the watchdog messages, they might give some hint. I haven't tried with the Novell though.

gettysburger’s picture

Thanks for the note.

When a new staff member logs in to the site for the first time it grabs their Title, Department, Room Number, Phone Extension, basically everything but their Group. Can it do that without an LDAP connection?

The reports don't show any problems.

The question I have is: when it was working before, when I had the group info in a separate file, it seemed very simple. Now it seems to be asking for a lot more information. My users, in the network, belong to a group called "Staff". I want to map to a role named "Staff". Do you think this is no longer possible with Novell? Thanks.

gettysburger’s picture

Status: Postponed (maintainer needs more info) » Active

I got it to create a Role based on my Username. That is not what I was trying for, but it may be some progress, nonetheless.

miglius’s picture

Your configuration is incorrect.

If you use "Group is specified in user's DN", the "Attribute of the DN which contains the group name:" cannot be a CN attribute, since the CN attribute specifies not a group but the user itself. This attribute can be OU or contain another value based on your LDAP setup.

I don't know your setup, but maybe it would be enough just to use the third set of options, "Group by entry". This is used if you have a group entry in the LDAP which lists all the members.

gettysburger’s picture

I got rid of the first set of options and just used the third. Now no roles are created.

Here is my basic setup. Thanks again for your help.

miglius’s picture

How are the groups stored in the LDAP, i.e., does a group have a DN and contain all the members, or does each LDAP user have an attribute specifying the group it belongs to, or do you want to extract the group from the user's DN?

gettysburger’s picture

There are two ways to get the groups:

We're pulling from a Novell directory and the net admins have the users grouped by DN. There are only two groups stored this way: Students and everyone else.

Also, there are two cn attributes assigned to each user. The second cn attribute on each user is a more detailed group designator. This is where we get roles such as Staff, Faculty, etc.
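Added example, not part of the original thread and not the ldap_integration module's own code: it runs the two sources of group data described above (an attribute of the user's DN, and the multivalued cn attribute) over one constructed entry, then applies an allow-list like the old ldapgroups_role_mappings(). The DN, the helper names `example_dn_values` and `example_filter_roles`, and the simplified DN parsing are assumptions for illustration.

```php
<?php
// Constructed sample entry (not from the thread's attachments): the DN places the
// user in a container, and cn is multivalued (username first, then a designator).
$entry = array(
  'dn' => 'cn=stephen_r,ou=Employees,o=example',
  'cn' => array('stephen_r', 'Staff'),
);

// Allow-list in the style of ldapgroups_role_mappings(): LDAP value => Drupal role.
$mappings = array('Staff' => 'Staff', 'Student Worker' => 'Staff', 'Faculty' => 'Faculty');

// Hypothetical helper: values of one attribute type among the RDNs of a DN.
// Simplified: assumes no escaped commas and no multi-valued (+) RDNs.
function example_dn_values($dn, $attr) {
  $values = array();
  foreach (explode(',', $dn) as $rdn) {
    $parts = explode('=', $rdn, 2);
    if (count($parts) == 2 && strcasecmp(trim($parts[0]), $attr) == 0) {
      $values[] = trim($parts[1]);
    }
  }
  return $values;
}

// Hypothetical helper: keep only candidates on the allow-list, compared the way
// ldapgroups_roles_filter() does (case-insensitive, whitespace ignored).
function example_filter_roles(array $candidates, array $mappings) {
  $roles = array();
  foreach ($candidates as $candidate) {
    foreach ($mappings as $group => $role) {
      $a = preg_replace('/\s+/', '', $candidate);
      $b = preg_replace('/\s+/', '', $group);
      if (strcasecmp($a, $b) == 0) {
        $roles[$role] = $role;  // keyed by role so duplicates collapse
      }
    }
  }
  return array_values($roles);
}

$sources = array(
  'cn taken from the DN (names the user entry itself)' => example_dn_values($entry['dn'], 'cn'),
  'ou taken from the DN (container-level grouping)' => example_dn_values($entry['dn'], 'ou'),
  'values of the cn attribute (username and designator)' => $entry['cn'],
);
foreach ($sources as $label => $candidates) {
  printf("%s\n  candidates: %s\n  roles after allow-list: %s\n", $label,
    implode(', ', $candidates), implode(', ', example_filter_roles($candidates, $mappings)));
}
```

Turning the unfiltered candidates straight into roles is how a role named after the username appears; the allow-list keeps directory values that were never meant as groups from becoming Drupal roles.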

miglius’s picture

Could you post an example of the user and group DNs or a whole LDIF entry (with sensitive information changed to *)? That would give an idea of what the LDAP entries look like.

gettysburger’s picture

My admin guy sent me this file in answer to your question. I hope it is what you need. Thanks.

miglius’s picture

Your LDAP structure is a little weird for me. I looked at "Adjunct Faculty" and this is not a group, but a second CN attribute as well as the Title attribute. I cannot see an LDAP entry for a group "Adjunct Faculty".

gettysburger’s picture

Thanks for the note. My IT guy is off today but I will ask him to explain his 'interesting' setup in the morning.

gettysburger’s picture

Yeah, our Novell guys did not set the system up in any comprehensible way. Nonetheless, that is what I have to work with. Sorry.

The second cn attribute is what I had working before and is what I would like to get working now. Thanks.

gettysburger’s picture

Does anyone have any thoughts on how I can get this to work? I had it working with the group mappings in an external file. Now that it is in the interface I cannot get the setting right. Would anyone that has this working please send me a screenshot of their settings so that I can give it a try?

I have pretty much resolved myself to the fact that this module does not work for mapping groups to roles. I will have to enter the groups/roles manually. I was going to go back to the older version that I had working, but I wish to use the LDAP sync module that I have seen elsewhere. The other parts work and thank you for that.

cgmonroe’s picture

Status: Active » Closed (fixed)

Clearing out old support requests - reopen if problem still exists in newest code