| Summary | unable to create groups with ldap |
| Queue | Horde Framework Packages |
| Queue Version | HEAD |
| Type | Bug |
| State | Resolved |
| Priority | 2. Medium |
| Owners | ben (at) |
| Requester | pascal (at) vmfacility (dot) fr |
| Created | 11/16/2006 (6933 days ago) |
| Due | |
| Updated | 11/24/2006 (6925 days ago) |
| Assigned | 11/16/2006 (6933 days ago) |
| Resolved | 11/24/2006 (6925 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
Can someone please close this ticket, or give me access to do so? Thanks!
zero for empty value
thing on some systems. Fixed in HEAD.
New Attachment: ldap_cvs_1.18.2.3.php.diff
this patch file replaces all the preceeding patches in this report
with fixes for webmail edition RC1 ./lib/Horde/Group/ldap.php :
* some dn where not initialized with basedn from config
* newgroup_objectclass can be an array
* set first gidnumber to 1 not zero as php empty() function takes zero
for empty value
In _nextGid() 0 is returned if no groups are found.
but in _toAttributes() the empty test on 0 makes gidnumber become ' '
because 0 is considered empty by php empty() function.
I patched _nextGid() to return 1 instead of zero and voila I can now
add the first group.
I think a new confguration parameter could be added like
first_gidnumber maybe for posixgroups.
So here is the final patch I made.
New Attachment: ldap.php.20061120.diff
edition RC1 ./lib/Horde/Group/ldap.php
* some dn where not initialized with basedn from config
* newgroup_objectclass can be an array
Priority ⇒ 2. Medium
Queue ⇒ Horde Framework Packages
State ⇒ Assigned
"Examining the ldap trace I found this is because horde in the first
group creation provides gidNumber."
with
"Examining the ldap trace I found this is because horde in the first
group creation DOES NOT PROVIDE a gidNumber."
i'm typing too quickly sorry.
I really have
$conf['group']['params']['basedn'] = 'ou=groups,ou=horde,dc=example,dc=fr';
of course, for groups to be created in the right 'groups' ou.
I also noticed that :
1. If the ldap base contains NO groups, then I am unable to create one
until I manually create a group in my ldap base. Because ldap
complains that there is a syntax problem during horde group creation.
Examining the ldap trace I found this is because horde in the first
group creation provides gidNumber. If I create a group in ldap
manually with a gidNumber then horde can create groups.
BUT providing that ...
2. A group with hordeGroup objectclass must exist in the ldap database
for horde creation to be successfull.
If the group manually created in 1 miss the hordeGroup objectclass
then horde cannot see this group, nor can it add any group (first
gidNumber problem).
I don't know how to deal with this problem other than creating a first
group in ldap manually with a hordeGroup objectclass and a gidNumber.
Maybe a firstgidNumber could be added to the horde configuration ?
This is my config for groups :
$conf['group']['params']['hostspec'] = 'ldap://ldap.example.fr';
$conf['group']['params']['basedn'] = 'ou=horde,dc=example,dc=fr';
$conf['group']['params']['binddn'] = 'cn=admin,dc=example,dc=fr';
$conf['group']['params']['password'] = 'password';
$conf['group']['params']['version'] = '3';
$conf['group']['params']['gid'] = 'cn';
$conf['group']['params']['memberuid'] = 'memberUid';
$conf['group']['params']['newgroup_objectclass'] = array('posixGroup',
'hordeGroup');
$conf['group']['params']['objectclass'] = array('posixGroup');
$conf['group']['params']['filter_type'] = 'objectclass';
$conf['group']['driver'] = 'ldap';
Priority ⇒ 1. Low
Type ⇒ Bug
Summary ⇒ unable to create groups with ldap
Queue ⇒ Horde Groupware
State ⇒ Unconfirmed
when I have more than one value in field
$conf['group']['params']['newgroup_objectclass'] (like
array('posixGroup', 'hordeGroup') ).
Looking at the code lib/Horde/Group/ldap.php I found what I think is a bug.
With the following patch, I can create groups and modify them:
# diff -u lib/Horde/Group/ldap.php.org lib/Horde/Group/ldap.php
--- lib/Horde/Group/ldap.php.org 2006-11-16 01:30:46.000000000 +0100
+++ lib/Horde/Group/ldap.php 2006-11-16 01:31:18.000000000 +0100
@@ -43,7 +43,7 @@
$this->_params['gid'] = strtolower($this->_params['gid']);
$this->_params['memberuid'] =
strtolower($this->_params['memberuid']);
foreach ($this->_params['newgroup_objectclass'] as $key => $val) {
- $this->_params['newgroup_objectclass'][$key] = strtolower($val);
+ $this->_params['objectclass'][$key] = strtolower($val);
}
/* Generate LDAP search filter. */