6.0.0-git
2019-03-21

[#9197] Group Listing returns fatal error
Summary Group Listing returns fatal error
Queue Horde Framework Packages
Queue Version Git master
Type Bug
State No Feedback
Priority 2. Medium
Owners jan (at) horde (dot) org
Requester hutter (at) ihs (dot) ac (dot) at
Created 2010-08-24 (3131 days ago)
Due
Updated 2011-03-16 (2927 days ago)
Assigned 2011-03-14 (2929 days ago)
Resolved 2011-03-16 (2927 days ago)
Milestone
Patch No

History
2011-03-16 17:15:03 Jan Schneider Comment #12
State ⇒ No Feedback
Reply to this comment
Too bad.
2011-03-16 16:52:20 hutter (at) ihs (dot) ac (dot) at Comment #11 Reply to this comment
Is this still happening after the Horde_Group rewrite?
Are you referring to the rewrite you mentioned on 09/13/10? Yes.
If you talk about a later rewrite, I have not tested it again because 
my management didn't allow for more months to wait until deploying a 
working solution. So we decided (sadly) to use a different software.

My resources are exhausted at the time, maybe I'll have in a couple of 
weeks time to look at the most recent H4 version in my spare time.
2011-03-14 21:45:47 Jan Schneider Comment #10
State ⇒ Feedback
Reply to this comment
Is this still happening after the Horde_Group rewrite?
2011-03-13 03:24:25 Chuck Hagenbuch State ⇒ Assigned
 
2010-09-14 10:04:58 hutter (at) ihs (dot) ac (dot) at Comment #9
New Attachment: group_Ldap.php.diff Download
Reply to this comment
Ok, I checked the group staff as requested.

To get it work I had to modify framework/Auth/lib/Horde/Auth/Ldap.php 
(see Ticket #9196) and framework/Group/lib/Horde/Group/Ldap.php.
In Group/Ldap.php I had to change the names for the variables storing 
bind user and password (again ldiff -u attached).

Result: empty page by clicking on administration-Groups (only header 
and footer is shown but no groups are listed), clicking on shares in 
kronolith let me select the groups. Therefore I think it works, 
although no groups are listed.
2010-09-13 16:36:22 hutter (at) ihs (dot) ac (dot) at Comment #7 Reply to this comment
Hi Jan,

ok I pulled the whole thing from the scratch and applied my config.

I think there is an typoo in framework/Group/lib/Horde/Group/Ldap.php 
on line 459, I get
an syntax error "unexpected }"
changing the line
$cache[$group] = $res
to
$cache[$group] = $res; seems to work.
At least after login I can see the sidebar (without the ";" I only got 
the top menu).

Nevertheless I get a bunch of warnings in the apache log and 
horde.log. I will take a look at these tomorrow.

2010-09-13 13:51:41 hutter (at) ihs (dot) ac (dot) at Comment #6 Reply to this comment
As I just wrote to the horde list, I get an error message when trying to pull.

git pull
dev.horde.org[0: 208.52.151.194]: errno=Connection refused
fatal: unable to connect a socket (Connection refused)



2010-09-13 13:44:40 Jan Schneider Comment #5
Assigned to Jan Schneider
State ⇒ Feedback
Patch ⇒ No
Reply to this comment
If just fixed a lot of stuff in the LDAP group driver which was 
completely broken. Can you try if the issues reported here have all 
been fixed now?
2010-09-07 11:47:44 michael (dot) groene (at) zew (dot) uni-hannover (dot) de Comment #4 Reply to this comment
What kind of LDAP Implementation do you have? Maybe this applies 
only to active directory servers.
We're using Active Directory on Windows 2003 Server.
I assume you mean Manage Calenders and then click on the prefernces icon.
Yes.
Well, after the git pull on 24.8. I can not see this anymore in H4.
At the moment I am using the version from 29th august.
Nevertheless, in framework/Group/lib/Horde/Group/Ldap.php in function
  exists($group) the call of @ldap_compare doesn't work (at least 
with our AD).
In our setup the following error occurs:
[07-Sep-2010 13:30:50] PHP Warning:  implode(): Invalid arguments 
passed in /usr/share/php/Horde/Group/Ldap.php on line 498
(one error per Group is written)

var_dump($result); returns NULL -> where is this variable filled?
this is the function:
     public function getGroupParent($dn)
     {
         if (@ldap_explode_dn($dn, 0) === false) {
             throw new Horde_Group_Exception('Invalid group ID passed 
(bad DN syntax)');
         }
         unset($result['count'], $result[0]);

         $parent_dn = implode(',', $result);

         return (Horde_String::lower($parent_dn) == 
Horde_String::lower($GLOBALS['conf']['group']['params']['basedn']))
             ? DATATREE_ROOT
             : $parent_dn;
     }

When I click on a Group, following error occurs:
[07-Sep-2010 13:33:27] PHP Fatal error:  Call to protected method 
Horde_Group_LdapObject::_fromAttributes() from context 
'Horde_Group_Ldap' in /usr/share/php/Horde/Group/Ldap.php on line 251

Turning _from/_toAttributes to public functions works for me (means 
Groups are "clickable", but still empty).

2010-09-06 15:32:37 hutter (at) ihs (dot) ac (dot) at Comment #3 Reply to this comment
Note: The Group Listing is still empty (as in H3) but this seems to
be another problem I'm trying to track down in the code.
The group-listing does work for me (same configuration as in H3).
What kind of LDAP Implementation do you have? Maybe this applies only 
to active directory servers.
What still doesn't work is to list the groups in an application 
(here: kronolith). In H3 we hacked the code to get it worked.
When you get the Groups in the admin-interface listed, could you 
check, whether the Groups are even listed in Kronoliths' 
calendar-adminpanel?
I assume you mean Manage Calenders and then click on the prefernces icon.
Well, after the git pull on 24.8. I can not see this anymore in H4.
Nevertheless, in framework/Group/lib/Horde/Group/Ldap.php in function
  exists($group) the call of @ldap_compare doesn't work (at least with our AD).
I worked around by adding a stristr call if ldap_compare returns 'false'.
This works but it turned out that we now have errors in the apache log:
PHP Warning:  implode(): Invalid arguments passed
This was solved by modifying function getGroupParent($dn).
original code snippet:
if (@ldap_explode_dn($dn, 0) === false) {
             throw new Horde_Group_Exception('Invalid group ID passed 
(bad DN syntax)');
         }
added to this:
  else {
$result = @ldap_explode_dn($dn, 0);
}

I think it would be better to move this discussion to the horde list. 
The bug as first described is about improper variable names. As soon 
there are relevant new commits to git, I will have a look at this 
again. Maybe we will have to create a new ticket if this is really a 
bug in function getGroupParent.
2010-09-06 13:27:42 michael (dot) groene (at) zew (dot) uni-hannover (dot) de Comment #2 Reply to this comment
So I replaced those with searchdn (password with searchpw) and it works.
Thank you, I changed the variables in Ldap.php, too -> works.
Note: The Group Listing is still empty (as in H3) but this seems to 
be another problem I'm trying to track down in the code.
The group-listing does work for me (same configuration as in H3). What 
still doesn't work is to list the groups in an application (here: 
kronolith). In H3 we hacked the code to get it worked.
When you get the Groups in the admin-interface listed, could you 
check, whether the Groups are even listed in Kronoliths' 
calendar-adminpanel?
2010-08-24 17:08:57 hutter (at) ihs (dot) ac (dot) at Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 2. Medium
Summary ⇒ Group Listing returns fatal error
Queue ⇒ Horde Framework Packages
Milestone ⇒
Patch ⇒ Yes
Reply to this comment
Setup: H4 latest git code and Active Directory on Windows 2000 Server

Clicking on Groups (logged in as administrator) returns the following
error:
A fatal error has occurred
Could not reach the LDAP server
[line 556 of .../horde/framework/Group/lib/Horde/Group/Ldap.php]

Looking at the code (horde/framework/Group/lib/Horde/Group/Ldap.php)
you find the folowing snippet:
        if (isset($this->_params['binddn'])) {
            $bind = @ldap_bind($this->_ds, $this->_params['binddn'],
                               $this->_params['password']);
        } else {
            $bind = @ldap_bind($this->_ds);
        }

        if (!$bind) {
            throw new Horde_Group_Exception('Could not bind to LDAP server');
        }

Well I don't know why one don't see the error "Could not bind to LDAP Server",
maybe it's overwritten by the following Horde_Group_Exeption from the
ldap_search call. Nevertheless, binddn is empty, so an anonymous bind is
tried. Windows 2008 AD Server prevents anonymous binds by default. I couldn't
find any setting in the conf.php named "binddn" nor any in conf.php.dist.
So I replaced those with searchdn (password with searchpw) and it works.

Note: The Group Listing is still empty (as in H3) but this seems to be 
another problem I'm trying to track down in the code.

Saved Queries