Jump to content

Topic on Extension talk:LDAPGroups

Problem to get groups from LDAP

3
ElogKevinL (talkcontribs)

Hello,


I've problem about this extension i can find my group with ldapsearch but that doesn't work with this extension :


I've blank return with this command :


php extensions/LDAPProvider/maintenance/ShowUserGroups.php --domain domain.local --username myuser


My ldap config :


{

"domain.local": {

"connection": {

"server": "srv-dc1.domain.local",

"port": "389",

"use-tls": "true",

"user": "CN=Mediawiki,OU=My Accounts,dc=domain,dc=local",

"pass": "password",

"enctype": "clear",

"options": {

"LDAP_OPT_DEREF": 1

},

"basedn": "dc=domain,dc=local",

"groupbasedn": "OU=My Groups,dc=domain,dc=local",

"userbasedn": "OU=My Accounts,dc=domain,dc=local",

"searchattribute": "samaccountname",

"usernameattribute": "samaccountname",

"realnameattribute": "cn",

"emailattribute": "mail",

"grouprequest": "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory",

"presearchusernamemodifiers": [ "spacestounderscores", "lowercase" ]

},

"userinfo": [],

"authorization": {

"rules": {

"groups": {

"required": [ "CN=Mediawiki_Access,OU=My Groups,dc=domain,dc=local" ]

}

}

},

"groupsync": {

"mapping": {

"engineering": "CN=Mediawiki_Admins,OU=My Groups,dc=domain,dc=local",

"bureaucrat": "CN=Mediawiki_Admins,OU=My Groups,dc=domain,dc=local",

"interface-admin": "CN=Mediawiki_Admins,OU=My Groups,dc=domain,dc=local",

"sysop": "CN=Mediawiki_Admins,OU=My Groups,dc=domain,dc=local"

}

}

}

}


And i've this error into my apache :


Undefined array key "memberof" in /var/lib/mediawiki/extensions/LDAPProvider/src/UserGroupsRequest/UserMemberOf.php


What can i check ?


Regards,


Kévin.

Osnard (talkcontribs)

Well, apparently the group information is is not stored in the the memberOf field of the of the "user info". Try to use a different value for grouprequest

  • "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\GroupMember::factory"
  • "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\GroupUniqueMember::factory"
  • "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory"
  • "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\Configurable::factory"
  • "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\GroupMemberUid::factory"


Depending on the chosen value, additional configuration may be required. See also Extension:LDAPProvider#Domain_config_settings

ElogKevinL (talkcontribs)

Hello,


Thank you the value GroupMember work !


Regards,


Kévin.

Reply to "Problem to get groups from LDAP"