LDAP / Active directory


Create User if not in Auth seems broken...

I am using tikiwiki 1.10. Logging in as users not created in the tiki works fine, and when creating users in the tiki, slapd returns an error code of 0 on each operation (error code 0 = no error), but no entries are created/found. Here is a link to the messages returned by slapd in both user registration and initial login (from the link in the email; I am using email verification): http://sh.nu/p/24032. I greatly appreciate any help, as I need users to be created in the LDAP tree when registered. Thanks!

I've not tried this, but I assume you would need the admin dn and admin password defined and for that dn to have create rights in the directory. That code is in 1.10cvs or you can find the thread for using TW & active directory. There is code there to add those config parameters to TW.

Can you post your tiki/ldap config?

\\Greg





For AD, the LDAP user attribute is supposed to be samAccountName. But I don't know if that's the cause. Try that.
You might also check the security for directory service event log for clues.

\\Greg


Thank you for your attempts; unfortunately, changing the user attribute to samAccountName doesn't work. I've also tried using wildcards and clearing entries out to match the AD config on doc.tw.o, no luck there. I don't think that checking the security for directory service event log will work, mainly because the LDAP server in question is a Linux box running OpenLDAP, and no such thing exists. The closest thing to such a log is the slapd debug dump that was in my original post. I'm completely out of ideas, and this bug has been stopping me from going live for over a week (something tells me it's _not_ a simple config issue, and probably a bug in the code; problem is, I don't code PHP). I'm willing to chat with any dev on IRC or any other medium and figure out what is going on. I've been adminning Linux boxes for almost 12 years, and nothing has taken me this long to get to the bottom of.

In lib/pear/Auth/Container.php, look for:

function log($message, $level = AUTH_LOG_DEBUG)

just before return $this->_auth_obj->log($message, $level);

add the following line (with a suitable file location):

error_log($message . "\n", 3, "/var/tmp/auth.log");

Examine that log file and see if it gives you any more info.



My bad on the AD reference. I replied to three threads that night and got myself confused.

I've never tried the create user function and don't know if it was tested. Try what nkoth suggests and we'll see what you find.

\\Greg


I've had a good look at the code. Aside from some minor bugs, there is also the problem that the PEAR LDAP lib does not contain the adduser functionality. It is possible to write our own.

Also, one little tip regarding those index errors in openldap. You may want to set indexes in slapd.conf using the line:

index objectClass,uid eq

But remember to run slapindex to rebuild the indices, otherwise your searches will be out of date.
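
Added example, not part of the thread and not Tiki or PEAR code: a sketch of what a hand-written add-user routine could look like with PHP's ldap extension, given that the PEAR LDAP container has none. The server URI, DNs, the inetOrgPerson schema and the function name example_add_ldap_user are assumptions; it needs PHP 7.2+ for ldap_exop_passwd.

```php
<?php
// Added example (hypothetical helper, not Tiki or PEAR code).
// Assumed values: server URI, base DN, service account DN, inetOrgPerson schema.
const LDAP_URI = 'ldap://ldap.example.org';
const BASE_DN  = 'ou=people,dc=example,dc=org';
const ADMIN_DN = 'cn=tiki-writer,dc=example,dc=org'; // needs only add rights under BASE_DN

function example_add_ldap_user(string $uid, string $mail, string $password, string $adminPw): void
{
    // Allow-list the login name before it is placed in a DN.
    if (!preg_match('/^[a-z][a-z0-9._-]{0,31}$/i', $uid)) {
        throw new InvalidArgumentException('invalid uid');
    }
    $conn = ldap_connect(LDAP_URI);
    if ($conn === false) {
        throw new RuntimeException('bad LDAP URI');
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    try {
        // Encrypt the session before any password crosses the wire.
        if (!@ldap_start_tls($conn)) {
            throw new RuntimeException('StartTLS failed: ' . ldap_error($conn));
        }
        if (!@ldap_bind($conn, ADMIN_DN, $adminPw)) {
            throw new RuntimeException('bind failed: ' . ldap_error($conn));
        }
        // Escape the RDN value as defence in depth on top of the allow-list.
        $dn = 'uid=' . ldap_escape($uid, '', LDAP_ESCAPE_DN) . ',' . BASE_DN;
        $entry = [
            'objectClass' => ['inetOrgPerson'],
            'uid'         => $uid,
            'cn'          => $uid, // cn and sn are mandatory for this class
            'sn'          => $uid,
            'mail'        => $mail,
        ];
        if (!@ldap_add($conn, $dn, $entry)) {
            // Surface the result code: 50 = insufficient access, 68 = already exists.
            throw new RuntimeException(
                sprintf('add failed (%d): %s', ldap_errno($conn), ldap_error($conn)));
        }
        // Password Modify extended operation: the server hashes per its own policy.
        if (ldap_exop_passwd($conn, $dn, '', $password) === false) {
            throw new RuntimeException('password set failed: ' . ldap_error($conn));
        }
    } finally {
        ldap_unbind($conn);
    }
}
```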

