LDAP and Groups

Support requests, bug reports, questions etc.

LDAP and Groups

Postby yeahmag » Wed Apr 04, 2012 02:01

I'm hooking NConf in to our LDAP and it seems to work about halfway. It can pull my group, but still thinks my test user isn't in any allowed groups:

====================================================
Error Message:

User authenticated, but his group is not authorized to access NConf

====================================================

authentication.php snippets:

define('AUTH_TYPE', 'ldap');

# Groups
define('GROUP_USER', "user");
define('GROUP_ADMIN', "admin");
define('GROUP_NOBODY', "0");

define('ADMIN_GROUP', "cn=citstaff");
define('USER_GROUP', "cn=operator");

====================================================

Debug Output:

Array LDAP ldap_get_entries:
Array
(
[count] => 1
[0] => Array
(
[objectclass] => Array
(
[count] => 2
[0] => posixGroup
[1] => top
)

[0] => objectclass
[gidnumber] => Array
(
[count] => 1
[0] => 102
)

[1] => gidnumber
[cn] => Array
(
[count] => 1
[0] => citstaff
)

[2] => cn
[count] => 3
[dn] => cn=citstaff,ou=groups,ou=imss,o=caltech,c=us
)

)

Can someone set me straight?

Thanks.

-Aaron
yeahmag
beginner
beginner
 
Posts: 9
Joined: Thu Oct 27, 2011 01:06

Re: LDAP and Groups

Postby yeahmag » Wed Apr 04, 2012 02:22

I'm also seeing this in the apache error logs:

[Tue Apr 03 17:21:04 2012] [error] [client 131.215.234.71] PHP Notice: Undefined index: memberuid in /var/www/html/nconf/include/login_check.php on line 220
[Tue Apr 03 17:21:04 2012] [error] [client 131.215.234.71] PHP Warning: in_array() expects parameter 2 to be array, null given in /var/www/html/nconf/include/login_check.php on line 251
yeahmag
beginner
beginner
 
Posts: 9
Joined: Thu Oct 27, 2011 01:06

Re: LDAP and Groups

Postby scrat » Thu Apr 05, 2012 14:11

Hi,

Which objectClasses are assined to your LDAP users and groups?
Your LDAP group needs attribute memberUid which is part of posixGroup.


Regards,
René
User avatar
scrat
NConf enthusiast
NConf enthusiast
 
Posts: 101
Joined: Mon Aug 23, 2010 16:28
Location: Vienna, Austria


Return to Support (NConf 1.3.0)

Who is online

Users browsing this forum: No registered users and 3 guests

cron