[Cdash] [Fwd: Re: CDash LDAP problem]
Julien Jomier
julien.jomier at kitware.com
Thu Feb 11 15:40:41 UTC 2010
Marcel,
I'm wondering if the CDASH_LDAP options are defined correctly and that
might be the reason why 'cn' doesn't show up.
CDash requires the user to be registered in CDash when using LDAP. The
authentication is done by LDAP. One option is to login as administrator
into CDash and register the user before trying to login into LDAP.
Let us know,
Julien
Marcel Loose wrote:
> Hi all,
>
> I'm experiencing an LDAP problem with CDash. When I try to log into
> CDash for the first time as a valid LDAP user, I get the message:
>
> No givenname (cn) set in LDAP, cannot register user into MIDAS
>
> Now I've been digging in the PHP-code a bit, but I know little PHP.
> The problem seems to be in the function ldapAuthenticate() in login.php.
> For reasons I don't understand, the return value of
ldap_search($ldap,$CDASH_LDAP_BASEDN, 'mail='.$email, array('dn','cn'))
> contains an empty 'cn' field, though it does contain a valid 'dn' field.
>
> For debugging purposes, I've removed the attributes specification in the
> ldap_search() call, thus returning all attributes. This gives me:
>
> var_dump($entries);
> array(2) { ["count"]=> int(1) [0]=> array(24) { ["objectclass"]=>
> array(4) { ["count"]=> int(3) [0]=> string(13) "shadowAccount" [1]=>
> string(12) "posixAccount" [2]=> string(13) "inetOrgPerson" } [0]=>
> string(11) "objectclass" ["gecos"]=> array(2) { ["count"]=> int(1)
> [0]=> string(12) "Marcel Loose" } [1]=> string(5) "gecos" ["uid"]=>
> array(2) { ["count"]=> int(1) [0]=> string(5) "loose" } [2]=>
> string(3) "uid" ["sn"]=> array(2) { ["count"]=> int(1) [0]=>
> string(5) "Loose" } [3]=> string(2) "sn" ["givenname"]=> array(2)
> { ["count"]=> int(1) [0]=> string(6) "Marcel" } [4]=> string(9)
> "givenname" ["uidnumber"]=> array(2) { ["count"]=> int(1) [0]=>
> string(3) "511" } [5]=> string(9) "uidnumber" ["mail"]=> array(2)
> { ["count"]=> int(1) [0]=> string(15) "loose at astron.nl" } [6]=>
> string(4) "mail" ["gidnumber"]=> array(2) { ["count"]=> int(1) [0]=>
> string(4) "1000" } [7]=> string(9) "gidnumber" ["shadowlastchange"]=>
> array(2) { ["count"]=> int(1) [0]=> string(5) "14127" } [8]=>
> string(16) "shadowlastchange" ["homedirectory"]=> array(2)
> { ["count"]=> int(1) [0]=> string(11) "/home/loose" } [9]=>
> string(13) "homedirectory" ["loginshell"]=> array(2) { ["count"]=>
> int(1) [0]=> string(9) "/bin/bash" } [10]=> string(10)
> "loginshell" ["count"]=> int(11) ["dn"]=> string(35)
> "uid=loose,ou=people,dc=astron,dc=nl" } }
>
> Indeed, 'cn' is missing here. It is, however, present in the LDAP
> database. Here's a snippet of the output of 'slapcat', for the given
> user:
>
> dn: uid=loose,ou=people,dc=astron,dc=nl
> objectClass: shadowAccount
> objectClass: posixAccount
> objectClass: inetOrgPerson
> gecos: Marcel Loose
> uid: loose
> sn: Loose
> givenName: Marcel
> structuralObjectClass: inetOrgPerson
> entryUUID: 2375bf08-e435-102b-8b97-3952138d3cf7
> creatorsName: cn=Manager,dc=astron,dc=nl
> createTimestamp: 20070821132115Z
> uidNumber: 511
> mail: loose at astron.nl
> gidNumber: 1000
> shadowLastChange: 14127
> cn: Marcel Loose
> userPassword:: <########>
> homeDirectory: /home/loose
> loginShell: /bin/bash
> entryCSN: 20100104140045Z#000000#00#000000
> modifiersName: cn=Manager,dc=astron,dc=nl
> modifyTimestamp: 20100104140045Z
>
> I don't know if this is a CDash problem -- e.g. it should use a
> different ldap-function; or if it's a problem with the PHP-LDAP module;
> or if it's an LDAP database/configuration problem. Could someone please
> shed a light on this?
>
> Best regards,
> Marcel Loose.
More information about the CDash
mailing list