LDAP group mapping using SimpleMapping

Author Message

Mathieu Peltier

Monday 17 January 2011 2:49:10 am

Hi,
I would like to map LDAP to eZ groups with SimpleMapping. I cannot make it work without the following modification in ./kernel/classes/datatypes/ezuser/ezldapuser.php. Is this a bug or a configuration issue (maybe related to the LDAP server I am trying to use)? I am using eZ Publish 4.4.0.
Thanks
Mathieu

--- ./kernel/classes/datatypes/ezuser/ezldapuser.php.orig 2011-01-14 13:59:10.000000000 +0100
+++ ./kernel/classes/datatypes/ezuser/ezldapuser.php 2011-01-17 10:38:56.000000000 +0100
@@ -488,15 +488,29 @@

$groupsTree = array();
$stack = array();
- $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['dn'] . '))';
+ // $userData['uid'][0]=<login> -> OK
+ // $userData['dn']=uid=<login>,ou=users,dc=domain.org,dc=local -> KO
+ $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['uid'][0] . '))';

$groupsTree[ $userData['dn'] ] = array( 'data' => & $userData,
'parents' => array(),
'children' => array() );

settings/override/ldap.ini.append.php file:

[LDAPSettings]
LDAPDebugTrace=enabled

# LDAP Server
LDAPServer=ldap.domain.org

# Where to find users
LDAPBaseDn=dc--domain.org,dc--local

# Group mapping
LDAPGroupMappingType=SimpleMapping
LDAPCreateMissingGroups=disabled
LDAPGroupBaseDN=dc--domain.org,dc--local
LDAPGroupClass=<name of my group object in LDAP>
LDAPGroupNameAttribute=cn
LDAPGroupMemberAttribute=<name of the attribute of my group object in LDAP specifying the members of the groups>
LDAPUserGroupMap[]
LDAPUserGroupMap[group1]=ezgroup1
LDAPUserGroupMap[group2]=ezgroup2
LDAPUserGroupMap[group3]=ezgroup3

# Default group (if group mapping fails)
LDAPUserGroupType=name
LDAPUserGroup[]=Members

# if 'enabled' you can move LDAP users to a different group and they will not
# be automatically moved back (to the group they are configured to be placed in)
# when the user logs in again.
KeepGroupAssignment=disabled

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.

eZ debug

Timing: Jan 30 2025 00:44:55
Script start
Timing: Jan 30 2025 00:44:55
Module start 'layout'
Timing: Jan 30 2025 00:44:55
Module start 'content'
Timing: Jan 30 2025 00:44:55
Module end 'content'
Timing: Jan 30 2025 00:44:55
Script end

Main resources:

Total runtime0.0156 sec
Peak memory usage2,048.0000 KB
Database Queries3

Timing points:

CheckpointStart (sec)Duration (sec)Memory at start (KB)Memory used (KB)
Script start 0.00000.0064 588.2578151.2266
Module start 'layout' 0.00640.0028 739.484436.7031
Module start 'content' 0.00920.0051 776.187590.2031
Module end 'content' 0.01440.0012 866.390629.9766
Script end 0.0156  896.3672 

Time accumulators:

 Accumulator Duration (sec) Duration (%) Count Average (sec)
Ini load
Load cache0.002314.6235140.0002
Check MTime0.00116.7347140.0001
Mysql Total
Database connection0.00063.918410.0006
Mysqli_queries0.003119.636430.0010
Looping result0.00000.084010.0000
Template Total0.00096.110.0009
Template load0.00074.738110.0007
Template processing0.00021.299010.0002
Override
Cache load0.00042.752210.0004
General
dbfile0.001811.262280.0002
String conversion0.00000.056540.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

UsageRequested templateTemplateTemplate loadedEditOverride
1print_pagelayout.tpl<No override>extension/community/design/community/templates/print_pagelayout.tplEdit templateOverride template
 Number of times templates used: 1
 Number of unique templates used: 1

Time used to render debug report: 0.0001 secs