Forums / Install & configuration / LDAP group mapping using SimpleMapping

LDAP group mapping using SimpleMapping

Previous topic

Install & configuration

Next topic

Author	Message
Mathieu Peltier	Monday 17 January 2011 2:49:10 am Hi, I would like to map LDAP to eZ groups with SimpleMapping. I cannot make it work without the following modification in ./kernel/classes/datatypes/ezuser/ezldapuser.php. Is this a bug or a configuration issue (maybe related to the LDAP server I am trying to use)? I am using eZ Publish 4.4.0. Thanks Mathieu --- ./kernel/classes/datatypes/ezuser/ezldapuser.php.orig 2011-01-14 13:59:10.000000000 +0100 +++ ./kernel/classes/datatypes/ezuser/ezldapuser.php 2011-01-17 10:38:56.000000000 +0100 @@ -488,15 +488,29 @@ $groupsTree = array(); $stack = array(); - $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['dn'] . '))'; + // $userData['uid'][0]=<login> -> OK + // $userData['dn']=uid=<login>,ou=users,dc=domain.org,dc=local -> KO + $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['uid'][0] . '))'; $groupsTree[ $userData['dn'] ] = array( 'data' => & $userData, 'parents' => array(), 'children' => array() ); settings/override/ldap.ini.append.php file: [LDAPSettings] LDAPDebugTrace=enabled # LDAP Server LDAPServer=ldap.domain.org # Where to find users LDAPBaseDn=dc--domain.org,dc--local # Group mapping LDAPGroupMappingType=SimpleMapping LDAPCreateMissingGroups=disabled LDAPGroupBaseDN=dc--domain.org,dc--local LDAPGroupClass=<name of my group object in LDAP> LDAPGroupNameAttribute=cn LDAPGroupMemberAttribute=<name of the attribute of my group object in LDAP specifying the members of the groups> LDAPUserGroupMap[] LDAPUserGroupMap[group1]=ezgroup1 LDAPUserGroupMap[group2]=ezgroup2 LDAPUserGroupMap[group3]=ezgroup3 # Default group (if group mapping fails) LDAPUserGroupType=name LDAPUserGroup[]=Members # if 'enabled' you can move LDAP users to a different group and they will not # be automatically moved back (to the group they are configured to be placed in) # when the user logs in again. KeepGroupAssignment=disabled

Author

Message

Mathieu Peltier

Monday 17 January 2011 2:49:10 am

Hi,
I would like to map LDAP to eZ groups with SimpleMapping. I cannot make it work without the following modification in ./kernel/classes/datatypes/ezuser/ezldapuser.php. Is this a bug or a configuration issue (maybe related to the LDAP server I am trying to use)? I am using eZ Publish 4.4.0.
Thanks
Mathieu

--- ./kernel/classes/datatypes/ezuser/ezldapuser.php.orig 2011-01-14 13:59:10.000000000 +0100
+++ ./kernel/classes/datatypes/ezuser/ezldapuser.php 2011-01-17 10:38:56.000000000 +0100
@@ -488,15 +488,29 @@

$groupsTree = array();
$stack = array();
- $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['dn'] . '))';
+ // $userData['uid'][0]=<login> -> OK
+ // $userData['dn']=uid=<login>,ou=users,dc=domain.org,dc=local -> KO
+ $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['uid'][0] . '))';

$groupsTree[ $userData['dn'] ] = array( 'data' => & $userData,
'parents' => array(),
'children' => array() );

settings/override/ldap.ini.append.php file:

[LDAPSettings]
LDAPDebugTrace=enabled

# LDAP Server
LDAPServer=ldap.domain.org

# Where to find users
LDAPBaseDn=dc--domain.org,dc--local

# Group mapping
LDAPGroupMappingType=SimpleMapping
LDAPCreateMissingGroups=disabled
LDAPGroupBaseDN=dc--domain.org,dc--local
LDAPGroupClass=<name of my group object in LDAP>
LDAPGroupNameAttribute=cn
LDAPGroupMemberAttribute=<name of the attribute of my group object in LDAP specifying the members of the groups>
LDAPUserGroupMap[]
LDAPUserGroupMap[group1]=ezgroup1
LDAPUserGroupMap[group2]=ezgroup2
LDAPUserGroupMap[group3]=ezgroup3

# Default group (if group mapping fails)
LDAPUserGroupType=name
LDAPUserGroup[]=Members

# if 'enabled' you can move LDAP users to a different group and they will not
# be automatically moved back (to the group they are configured to be placed in)
# when the user logs in again.
KeepGroupAssignment=disabled

eZ debug

Timing:

Jan 18 2025 00:00:51

Script start

Timing:

Jan 18 2025 00:00:51

Module start 'content'

Timing:

Jan 18 2025 00:00:52

Module end 'content'

Timing:

Jan 18 2025 00:00:52

Script end

Main resources:

Total runtime

0.9499 sec

Peak memory usage

4,096.0000 KB

Database Queries

183

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0045	589.2656	180.8281
Module start 'content'	0.0045	0.7956	770.0938	453.8672
Module end 'content'	0.8000	0.1498	1,223.9609	333.0625
Script end	0.9499		1,557.0234

Checkpoint

Start (sec)

Duration (sec)

Memory at start (KB)

Memory used (KB)

Script start

0.0000

0.0045

589.2656

180.8281

Module start 'content'

0.0045

0.7956

770.0938

453.8672

Module end 'content'

0.8000

0.1498

1,223.9609

333.0625

Script end

0.9499

1,557.0234

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0040	0.4158	21	0.0002
Check MTime	0.0016	0.1649	21	0.0001
Mysql Total
Database connection	0.0004	0.0418	1	0.0004
Mysqli_queries	0.8724	91.8374	183	0.0048
Looping result	0.0030	0.3199	181	0.0000
Template Total	0.9226	97.1	2	0.4613
Template load	0.0026	0.2786	2	0.0013
Template processing	0.9199	96.8403	2	0.4600
Template load and register function	0.0001	0.0140	1	0.0001
states
state_id_array	0.0009	0.0983	1	0.0009
state_identifier_array	0.0013	0.1359	2	0.0006
Override
Cache load	0.0022	0.2355	54	0.0000
Sytem overhead
Fetch class attribute can translate value	0.0019	0.2035	2	0.0010
Fetch class attribute name	0.0012	0.1232	2	0.0006
XML
Image XML parsing	0.0024	0.2508	2	0.0012
class_abstraction
Instantiating content class attribute	0.0000	0.0007	2	0.0000
General
dbfile	0.0068	0.7143	27	0.0003
String conversion	0.0000	0.0006	3	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Accumulator

Duration (sec)

Duration (%)

Count

Average (sec)

Ini load

Load cache

0.0040

0.4158

0.0002

Check MTime

0.0016

0.1649

0.0001

Mysql Total

Database connection

0.0004

0.0418

0.0004

Mysqli_queries

0.8724

91.8374

183

0.0048

Looping result

0.0030

0.3199

181

0.0000

Template Total

0.9226

97.1

0.4613

Template load

0.0026

0.2786

0.0013

Template processing

0.9199

96.8403

0.4600

Template load and register function

0.0001

0.0140

0.0001

states

state_id_array

0.0009

0.0983

0.0009

state_identifier_array

0.0013

0.1359

0.0006

Override

Cache load

0.0022

0.2355

0.0000

Sytem overhead

Fetch class attribute can translate value

0.0019

0.2035

0.0010

Fetch class attribute name

0.0012

0.1232

0.0006

XML

Image XML parsing

0.0024

0.2508

0.0012

class_abstraction

Instantiating content class attribute

0.0000

0.0007

0.0000

General

dbfile

0.0068

0.7143

0.0003

String conversion

0.0000

0.0006

0.0000

Note: percentages do not add up to 100% because some accumulators overlap

CSS/JS files loaded with "ezjscPacker" during request:

Cache	Type	Packlevel	SourceFiles
	CSS	0	extension/community/design/community/stylesheets/ext/jquery.autocomplete.css extension/community_design/design/suncana/stylesheets/scrollbars.css extension/community_design/design/suncana/stylesheets/tabs.css extension/community_design/design/suncana/stylesheets/roadmap.css extension/community_design/design/suncana/stylesheets/content.css extension/community_design/design/suncana/stylesheets/star-rating.css extension/community_design/design/suncana/stylesheets/syntax_and_custom_tags.css extension/community_design/design/suncana/stylesheets/buttons.css extension/community_design/design/suncana/stylesheets/tweetbox.css extension/community_design/design/suncana/stylesheets/jquery.fancybox-1.3.4.css extension/bcsmoothgallery/design/standard/stylesheets/magnific-popup.css extension/sevenx/design/simple/stylesheets/star_rating.css extension/sevenx/design/simple/stylesheets/libs/fontawesome/css/all.min.css extension/sevenx/design/simple/stylesheets/main.v02.css extension/sevenx/design/simple/stylesheets/main.v02.res.css
	JS	0	extension/ezjscore/design/standard/lib/yui/3.17.2/build/yui/yui-min.js extension/ezjscore/design/standard/javascript/jquery-3.7.0.min.js extension/community_design/design/suncana/javascript/jquery.ui.core.min.js extension/community_design/design/suncana/javascript/jquery.ui.widget.min.js extension/community_design/design/suncana/javascript/jquery.easing.1.3.js extension/community_design/design/suncana/javascript/jquery.ui.tabs.js extension/community_design/design/suncana/javascript/jquery.hoverIntent.min.js extension/community_design/design/suncana/javascript/jquery.popmenu.js extension/community_design/design/suncana/javascript/jScrollPane.js extension/community_design/design/suncana/javascript/jquery.mousewheel.js extension/community_design/design/suncana/javascript/jquery.cycle.all.js extension/sevenx/design/simple/javascript/jquery.scrollTo.js extension/community_design/design/suncana/javascript/jquery.cookie.js extension/community_design/design/suncana/javascript/ezstarrating_jquery.js extension/community_design/design/suncana/javascript/jquery.initboxes.js extension/community_design/design/suncana/javascript/app.js extension/community_design/design/suncana/javascript/twitterwidget.js extension/community_design/design/suncana/javascript/community.js extension/community_design/design/suncana/javascript/roadmap.js extension/community_design/design/suncana/javascript/ez.js extension/community_design/design/suncana/javascript/ezshareevents.js extension/sevenx/design/simple/javascript/main.js

Cache

Type

Packlevel

SourceFiles

CSS

extension/community/design/community/stylesheets/ext/jquery.autocomplete.css
extension/community_design/design/suncana/stylesheets/scrollbars.css
extension/community_design/design/suncana/stylesheets/tabs.css
extension/community_design/design/suncana/stylesheets/roadmap.css
extension/community_design/design/suncana/stylesheets/content.css
extension/community_design/design/suncana/stylesheets/star-rating.css
extension/community_design/design/suncana/stylesheets/syntax_and_custom_tags.css
extension/community_design/design/suncana/stylesheets/buttons.css
extension/community_design/design/suncana/stylesheets/tweetbox.css
extension/community_design/design/suncana/stylesheets/jquery.fancybox-1.3.4.css
extension/bcsmoothgallery/design/standard/stylesheets/magnific-popup.css
extension/sevenx/design/simple/stylesheets/star_rating.css
extension/sevenx/design/simple/stylesheets/libs/fontawesome/css/all.min.css
extension/sevenx/design/simple/stylesheets/main.v02.css
extension/sevenx/design/simple/stylesheets/main.v02.res.css

extension/ezjscore/design/standard/lib/yui/3.17.2/build/yui/yui-min.js
extension/ezjscore/design/standard/javascript/jquery-3.7.0.min.js
extension/community_design/design/suncana/javascript/jquery.ui.core.min.js
extension/community_design/design/suncana/javascript/jquery.ui.widget.min.js
extension/community_design/design/suncana/javascript/jquery.easing.1.3.js
extension/community_design/design/suncana/javascript/jquery.ui.tabs.js
extension/community_design/design/suncana/javascript/jquery.hoverIntent.min.js
extension/community_design/design/suncana/javascript/jquery.popmenu.js
extension/community_design/design/suncana/javascript/jScrollPane.js
extension/community_design/design/suncana/javascript/jquery.mousewheel.js
extension/community_design/design/suncana/javascript/jquery.cycle.all.js
extension/sevenx/design/simple/javascript/jquery.scrollTo.js
extension/community_design/design/suncana/javascript/jquery.cookie.js
extension/community_design/design/suncana/javascript/ezstarrating_jquery.js
extension/community_design/design/suncana/javascript/jquery.initboxes.js
extension/community_design/design/suncana/javascript/app.js
extension/community_design/design/suncana/javascript/twitterwidget.js
extension/community_design/design/suncana/javascript/community.js
extension/community_design/design/suncana/javascript/roadmap.js
extension/community_design/design/suncana/javascript/ez.js
extension/community_design/design/suncana/javascript/ezshareevents.js
extension/sevenx/design/simple/javascript/main.js

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
1	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
1	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
2	content/datatype/view/ezxmltags/line.tpl	<No override>	design/standard/templates/content/datatype/view/ezxmltags/line.tpl
2	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
1	pagelayout.tpl	<No override>	extension/sevenx/design/simple/templates/pagelayout.tpl
Number of times templates used: 8 Number of unique templates used: 6

Usage

Requested template

Template

Template loaded

Edit

Override

node/view/full.tpl

full/forum_topic.tpl

extension/sevenx/design/simple/override/templates/full/forum_topic.tpl