[Owncloud] LDAP login fails with latest git branch

Arthur Schiwon blizzz at owncloud.com
Tue May 8 22:05:02 UTC 2012



On 05/08/2012 05:08 PM, Gronies, Thomas wrote:
> And now it's broken again. I tried to edit something in the Base Group Tree Field, since then I can't login with my LDAP account.
> Then I cleared the field and again I can't login. Again, I switched off TLS and dumped the network traffic.
> LDAP tells Owncloud that the user (object) does not exist.
>   The baseObject is empty, shouldn't it contain the BaseDN? Scope is on wholeSubtree.

Is the Base DN configured to empty in the settings? If so, it won't 
work. I will likely change it to check if either BaseDN is set and/or 
User and Group Subtrees are given.

If that is not the problem, are Base and Group Tree really empty or 
might there be some space left or something?

> Maybe the test, if the fields Base User/Group Tree is empty, fails when it was set once?

No, it will fall back to the base DN.

Cheers
Arthur

>
> @dirk: Sharing works between users that are in the same group. I tested it by grouping my LDAP users in one group. If the LDAP contains many users you should limit the LDAP search request to generate a small output from LDAP. Otherwise the browser is not able to show all the users (I posted this issue a few weeks ago, it is not possible to list many thousands of users, unless you spend much time and memory ;-) ). Then you can put all the users in groups. This should not be the way for LDAP to do this, but works for a first small testing environment.
>
> For the rest I can only tell about my tests before last friday. It worked to select a LDAP user to share a file or a folder with him. But the recipient of the share gets nothing, his share folder keeps empty. As far as I can remember there was an error for a public share of a LDAP user which said something like the cloud is not available/existing or something similar to this. I didn't test it with local users because my intention is only to use LDAP.
>
> Regards,
> Thomas
>
>>> Works. Great :-)
>>
>> Perfect :)
>>
>>> Next problem is, that ldap groups don't work, because OC uses the
>>> wrong member attribute for posixgroups (posted this to thebuggenie).
>>> OC is searching for
>>>
>>>
>> (&(objectClass=posixGroup)(uniqueMember=uid=xmuster,ou=people,dc=u
>> ni-o
>>> snabrueck,dc=de))
>>>
>>>
>>> posixgroups are using the attribute "memberuid" with the uid as value,
>>> for example "xmuster". The attribute "uniquemember" is used by the
>>> objectclass "groupOfUniqueNames".
>> Could you please file a bug report and assign it to me (my nick in the
>> bugtracker is blizzz)? uniquemember is more comfortable and better to
>> handle since the users are really unique.
>>
>> Sidenote: the group filter is now also configurable in the UI.
>>
>>
>>> And sharing still doesn't work with ldap users.
>> How does "doesn't work" express?
>>
>> Cheers
>> Arthur
>>
>>>
>>> Dirk
>>>
>>>
>>>
>>> _______________________________________________
>>> Owncloud mailing list
>>> Owncloud at kde.org
>>> https://mail.kde.org/mailman/listinfo/owncloud
>> _______________________________________________
>> Owncloud mailing list
>> Owncloud at kde.org
>> https://mail.kde.org/mailman/listinfo/owncloud
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud



More information about the Owncloud mailing list