Hi

I have been using webserver_auth to automatically authenticate users, it has worked ok, but now I have finally configured LDAP Integration instead. We use Active Directory.
My problem is that all my users have accounts in Drupal (username, for instance: mkl )
My Active Directory sAMAccountname is the same name: mkl

When I try to log in to my site I get:

Another user already exists in this system with the same login name. You should contact the system's administrator in order to solve this conflict. 
Sorry. Unrecognized username or password. Have you forgotten your password? 

Which in most cases would be correct, however, I can not delete my users, because all the material they have created would "disappear" (no access until I manually change uid for the nodes which would take a looong while)

What I wanna do is to manually or automatically replace the users without deleting them. mkl drupal should become mkl ldap. (i only use ldap no drupal database)
So in my head, if the user exists in drupal database, LDAP-Integration should update that user instead of giving that error.

Is this something that anyone would be able to help me with?

/Michael Karlsson

I might add that LDAP works perfectly if the user doesn't exist.

Comments

rooey’s picture

We ran into the same problem.

Our solution was to re-name all of the existing users who already had ownership of a node to webauth_username and delete the rest.

After folks logged in through LDAP we looked for any webauth_usernames matching the users name and renamed them - deleting the old user.

Painful, but it worked.

Although we'd really like to see this functionality added.

geste’s picture

I mentioned this earlier today in this thread before spotting this earlier thread.

It would seem like there must be a way to do this systematically with some database updates rather than the hassle you went through

I am planning on keeping Webserver_auth active as it uses the university-wide Pubcookie service (very popular with users). I am, however, trying to figure out how to make my Drupal map local LDAP groups into Drupal roles. So part of my problem might be to make my users *look* like LDAP users even though they aren't authentifying to LDAP. I foresee the possibility of having to fix up about 400 user accounts to make this work.

Jim

junyor’s picture

claar’s picture

Title: How do I change a drupal user to become an LDAP user? » LDAP should merge username conflicts
Version: 5.x-1.3 » 6.x-1.x-dev
Category: support » feature

I'm having the same problem -- somehow I have local user accounts with the same name as LDAP accounts.

It seems to me that the LDAP integration should merge the two accounts.

Renee S’s picture

I had a few users set up locally, and they were able to log in using our LDAP, but only in LDAP Only mode - it merged the accounts (you can see the difference in the data field of the user database) correctly. When I switch to mixed mode, it fails. The described behaviour is that it merges and checks the LDAP if Drupal auth fails.

claar’s picture

Category: feature » support
Status: Active » Fixed

Ah -- I didn't notice that the LDAP module has two settings which affect this behavior:

Choose authentication mode: *
Mixed mode. The LDAP authentication is performed only if Drupal authentication fails
LDAP directory only

Choose user conflict resolve procedure: *
Disallow login and log the conflict
Associate local account with the LDAP entry

It looks like the built-in options already implement what's needed.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.