Skip to content

How to test user_ldap

Piotr Mrówczyński edited this page Feb 21, 2018 · 12 revisions

Testing LDAP with Docker

Clone administration repo and run ldap-testing/start.sh to start a LDAP server

git clone https://github.com/owncloud/administration
administration/ldap-testing/start.sh

Fill the LDAP instance with multiple zombie armies (groups)

Edit administration/ldap-testing/config.php with desired parameters, but you can leave it default

Run administration/ldap-testing/batchCreateUsersInGroups.php from the same folder in the administration repo.

cd administration/ldap-testing/
gedit config.php
php batchCreateUsersInGroups.php

Fill the LDAP instance with a zombie army

Run administration/ldap-testing/batchCreateUsers.php from the same folder in the administration repo.

cd administration/ldap-testing/
php batchCreateUsers.php

Setup ownCloud user_ldap

Tested config:

  • Server: localhost, Port: gets autodetected (if not click the "detect port" button)
  • User DN: cn=admin,dc=owncloud,dc=com
  • Password: admin
  • Base DN: dc=owncloud,dc=com (gets autodetected once you have filled Server, Port, User DN and Password)
  • User Filter: inetOrgPerson as object class should be fine (default value)
  • Login Filter: LDAP Username works (default value)
  • Group Filter: not needed
  • Advanced -> Directory Settings -> User Display Name Field: displayName (camelCase ;))
  • Expert -> UUID Attribute for Users: uid
  • Advanced -> Directory Settings -> Group-Member association: memberUid (without memberof) or member (with memberof)

How to login as LDAP user

Every zombie has a user name (e.g. zombie294), which you can use to login on ownCloud. As password use the username. You can find all usernames with PHPLDAPAdmin

Creating/LoggingIn users - OCC Command Sync

WARNING:

This will fail if Expert -> UUID Attribute for Users: uid setting is skipped during configuration

This will fail if Advanced -> Directory Settings -> Group-Member association: memberUid (without memberof) or member (with memberof) setting is skipped during configuration or wrong


After users and group are created using one of batchCreate* scripts, one can sync them to the system

php occ user:sync "OCA\User_LDAP\User_Proxy"
php occ group:sync "OCA\User_LDAP\Group_Proxy"

If you dont see memberships, please check that you have correctly set Group-Member association in Advanced settings.

To test with xdebug use e.g.

php -dxdebug.remote_autostart=On occ group:sync "OCA\User_LDAP\Group_Proxy"

Happy Testing

Clone this wiki locally