phpgroupware-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Phpgroupware-users] strangeness with phpgw/ldap...

From: Paolo Andreetto
Subject: Re: [Phpgroupware-users] strangeness with phpgw/ldap...
Date: Thu, 28 Nov 2002 16:03:48 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020615 Debian/1.0.0-3 
Marco Gaiarin wrote:


I've setup the .001 version, switching entirely to ldap.

I've found 2 minor problem, i don't know if i can call these bug.


1) the first insert of user and group got UID/GID NULL, so i cannot
use/modify these. I've to manually modify ldap uidNumber/gidNumber in
ldap server.
After this first insert, all went well.

2) if i insert a new user, they got gidNumber=uidNumber, not the group
defined in default (for setup) nor one of the group used in defining
the account.

Now i see that, for example:

dn: uid=terenzi,ou=People,dc=sv,dc=lnf,dc=it
userPassword:: Secret ;)
phpgwAccountType: u
phpgwAccountExpires: -1
homeDirectory: /home/terenzi
loginShell: /bin/false
cn: Marco Terenzi
sn: Terenzi
givenName: Marco
uid: terenzi
uidNumber: 1005
gidNumber: 1005
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: phpgwAccount
creatorsName: cn=admin,dc=sv,dc=lnf,dc=it
createTimestamp: 20021128132954Z
modifiersName: cn=admin,dc=sv,dc=lnf,dc=it
modifyTimestamp: 20021128132954Z

dn: cn=Amministrazione,ou=Group,dc=sv,dc=lnf,dc=it
userPassword:: Boh...
phpgwAccountType: g
phpgwAccountExpires: -1
objectClass: top
objectClass: posixGroup
objectClass: phpgwAccount
cn: Amministrazione
gidNumber: 1003
description: phpgw-created group
creatorsName: cn=admin,dc=sv,dc=lnf,dc=it
createTimestamp: 20021128132120Z
modifiersName: cn=admin,dc=sv,dc=lnf,dc=it
modifyTimestamp: 20021128132120Z


seems there's no relation from user terenzi to group Amministrazione in
ldap database, but phpgw say me (correctly) that terenzi is in group
Amministrazione.

This information are stored in database?! Why not using ldap?! Why ldap
account are created with uid=gid?!
I'm still finding lots of trouble if UID==GID. I think this depends on the internal 
management of IDs of phpgw; it seems that users and groups shared the same
ID space. With external IDs, such as in LDAP, a call to
   class.account_ldap -> id2name(...)
for example, may return a group instead of a user.
Besides membership is handled via SQL (table phpgw_acl), so it is possible to 
have LDAP not updated.
I'm working on this kind of problems, and recently I submitted a patch
https://savannah.gnu.org/patch/?func=detailpatch&patch_id=656&group_id=509
for keeping LDAP updated.
If you're so brave to try..good luck!!
reply via email to
[Prev in Thread] Current Thread [Next in Thread]