-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ldap / ldap 2 level datasource not returning results #785
Comments
@xavierba, could you please show you datasource settings? |
Here they are, slightly modified for hiding private details:
A similar query run from a simple ldapsearch works. |
Hi,
|
edit: fixed below |
The backend is openldap
The |
ok, got the ldap 1 level query to work. Anyway, there is probably still an issue with ldap 2 level query, as a list using this was working before the update from 6.2.44 to 6.2.48. |
If you are using OpenSSL, could you please run |
The old EL6 openssl doesn't know about At this point, I think the possible bug is only with ldap 2 level query. |
Yes that is really a shortcoming. Errors don't bubble up to the top. |
About |
You may also use |
sympa_test_ldap.pl gives me proper results. Tested with both ldap+starttls and ldaps, with mandatory server certificate validation. Also, properly reports error with plain ldap and with invalid filter too. Tested with asking either for a single (mail) or dual attributes (mail,cn). While I did improperly set my test ldap 1 level datasource when testing, this is now working. I really don't think the error is in the config with the ldap 2 level datasource, as the setup was working before the upgrade from 6.2.44 to 6.2.48. |
Patch for a working include_ldap_2level_query (#785)
Version
6.2.48
Installation method
RPM
Expected behavior
ldap / ldap 2 level datasource properly returns some mails to include in the list members.
Actual behavior
No member returned.
Additional information
This was working fine with 6.2.44, so I suspect a regression in the datasource rewrite.
Sync'ing the datasource from either the WUI or the CLI doesn't return any error.
Please note the
-d
switch doesn't actually give more verbosity to the output.Here's the corresponding log:
The text was updated successfully, but these errors were encountered: