[Tickets #8847] groupS and attrisdn in non Flat LDAP Directory do not work
bugs at horde.org
bugs at horde.org
Tue Feb 2 12:24:26 UTC 2010
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/8847
------------------------------------------------------------------------------
Ticket | 8847
Created By | Klaus.Steinberger at Physik.Uni-Muenchen.DE
Summary | groupS and attrisdn in non Flat LDAP Directory do not
| work
Queue | Horde Framework Packages
Version | Git master
Type | Bug
State | Unconfirmed
Priority | 3. High
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
Klaus.Steinberger at Physik.Uni-Muenchen.DE (2010-02-02 07:24) wrote:
In a LDAP Directory with a hierarchical structure and full DN names as
group member entries (like Novell Edirectory) getGroupMemberShip will
not work.
The culprit is the following code:
if ($GLOBALS['conf']['group']['params']['attrisdn']) {
$filter .= $GLOBALS['conf']['auth']['params']['uid'] . '=';
}
$filter .= $user;
if ($GLOBALS['conf']['group']['params']['attrisdn']) {
$filter .= ',' . $GLOBALS['conf']['auth']['params']['basedn'];
}
The code assumes that a user DN is always flat under the basedn. In a
hierarchical directory structure with sub OU's this not the case, so
the real user DN must be used here!
More information about the bugs
mailing list