10994 Posts in 2728 Topics by 1819 members
|Go to End|
4 May 2010 at 1:14pm
I'm setting up Silverstripe to use as our Department's website and intranet. I need to get auth-external working with auto-add accounts, because I'm damned if I want to add a gazillion new students to the database every year so they can log on to the intranet. I've got the authentication working for existing accounts, but when I get someone to try to log on using just the LDAP it doesn't work. The relevant bit of the log (with the actual username replaced by me with [user]) says:
"Tue, 04 May 10 12:55:59 +1200 - [user].ldap - LDAP Authentication success
Tue, 04 May 10 12:55:59 +1200 - [user] - authentication success
Tue, 04 May 10 12:55:59 +1200 - [user] - User did not exist but did authenticate. Adding user to database
Tue, 04 May 10 12:55:59 +1200 - [user] - The group to add the user to did not exist
Tue, 04 May 10 12:55:59 +1200 - Process for user [user] ended"
I found something in the archives of this forum which recommended replacing "Group.Title" with "Group.Code" in the appropriate part of ExternalAuthenticator.php and did that, but the same error happened.
I should add that the group does indeed exist, and I've tried it with a couple of different names just in case one was reserved or something.
Can anyone help?
4 May 2010 at 3:51pm Last edited: 4 May 2010 3:51pm
I'm using LDAP with auto add and it works well.
Could you post which version you are using and what your config looks like.
I assume you have a line like:
4 May 2010 at 4:18pm
v0.3.1 for the module, 2.3.7 for Silverstripe. I do have a line like that now, before it was missing the 'ldap', bit, but it still does the same thing. It's a bit of a team effort, this. The guy who runs the ldap server modified the config file for me.
the config file is attached
4 May 2010 at 5:00pm
It's probably this line:
The setting can only be one thing at a time, so when you set it to true it overrides the "Staff" setting.
Remove that line and you should be good to go.
5 May 2010 at 9:34am
Have done that and it works. Thanks a lot.
However, although the log says it's adding the user to the database, when I go to look at what's been added it's surname: unknown, firstname: unknown, email: root@localhost. Is that what's supposed to happen?
5 May 2010 at 10:14am
Nope, that isn't supposed to happen - you might need to check that you're getting the right info out of LDAP for your users.
5 May 2010 at 11:23am
All fixed. It had to do with some funny mapping thing in the LDAP. Something to do with how OS X does things as opposed to how traditional unix does them.
|Go to Top|