LDAP Group Sync in Tiki-9 Broken
- Status
- Closed
- Subject
- LDAP Group Sync in Tiki-9 Broken
- Version
- 9.x
- Category
- Error
- Feature
- External Authentication (LDAP, AD, PAM, CAS, etc)
Group - Resolution status
- New
- Submitted by
- jcarter
- Lastmod by
- jcarter
- Rating
- Description
I was unable to get group sync for ldap working, and after changing two lines of code in userslib.php I was able to get it working.
The changes I made are the procedure section, and I have included my settings also in case someone is having a similar issue, or is just trying to set up LDAP group sync and would like to see a working example, and in case it is useful in your troubleshooting.
- Solution
Procedure
in tiki-9/lib/userslib.php, change line 1222 from
if ($prefs['syncGroupsWithDirectory'] == 'y' && $userattributes[$prefs['auth_ldap_group_corr_userattr']] != null) {to
if ($prefs['syncGroupsWithDirectory'] == 'y' && $prefs['auth_ldap_group_corr_userattr'] != null) {and changed line 1257 from
$ldap_group_options['bind_type'] = 'explicit'
to
$ldap_group_options['bind_type'] = $prefs['auth_ldap_type']
I then poked around in the code to see how the sync actually occurred, and which settings should be filled, and set the settings as follow:
LDAP External Groups Tab
LDAP Bind settings
<will vary>LDAP User
User DN: OU=People <wherever you want to look for people, this should be an ou>
User Attribute: sAMAccountName
Corresponding user attribute in 1st directory: sAMAccountName
User OC: userLDAP Group
Group DN: <group DN>WarningMake sure not to have the base DN at the end of the group DN, as it will not work if you do!Group name attribute: cn
Group description attribute: description
Group OC: groupLDAP Group Member - if group membership can be found in group attributes
Member attribute: member
Member is DN: TLDAP User Group - if group membership can be found in user attributes
Group attribute:
Group attribute in group entry:LDAP Admin
Admin password: <pw>
Admin user: <user>
General Preferences Tab
Synchronize Tiki groups with a directory: T- Importance
- 9
- Easy to solve?
- 10 easy
- Priority
- 90
- Demonstrate Bug
-
This bug has been demonstrated on show2.tikiwiki.org
Please demonstrate your bug on show2.tikiwiki.org
Version: Create show2.tikiwiki.org instanceAbout show2.tikiwiki.orgTo help developers solve the bug, we kindly request that you demonstrate your bug on a show2.tikiwiki.org instance. To start, simply select a version and click on "Create show2.tikiwiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show2.tikiwiki.org.
- Ticket ID
- 4284
- Created
- Monday 27 August, 2012 16:43:21 GMT-0000
- LastModif
- Monday 09 December, 2013 21:32:59 GMT-0000
Attachments
| filename | created | hits | comment | version | filetype | ||
|---|---|---|---|---|---|---|---|
| No attachments for this item | |||||||
;){kind=link}
;){kind=link}
;){kind=link}
;){kind=link}