Porting to Drupal 6

That's great, cause I wasn't going to have time for a little while.

Any update? This is a great module, and I'd love to see it implemented soon

has anybody picked this up then?

I'm planning on working on it, but have been laid up in bed sick for the last few weeks. If anyone wants to help, that would be great. Even if you are not a developer, you could begin testing. Simonc indicated the ldap authentication is working, so that could be tested. I don't believe he had a chance to work on either the groups or data modules.

I'm hoping to get a 6.x-dev branch setup in CVS in the next few days, but if anyone is chomping at the bit, feel free to download the tar file that he uploaded in #4.

Hai,

I tried to extract the file with ExtractNow but it doesn't work.
Is it the file or my freeware program?

@00drup00
you can't possibly be serious

The file is fine. Try renaming it to either ldap_integration.tgz or ldap_integration.tar.gz. Either should work fine. I've confirmed that after renaming the file, it extracts fine.

Hello,

I've worked a bit on the version posted by simonc. As he describe LDAP auth worked but it also disabled local auth.

I've tried to fix it and also proceed some optimizations.

Current status for ldapauth :
- LDAP auth OK
- Local auth OK
- User form is altered and do not allowed modifications of login and password for LDAP user

I've just take a look to ldapgroup. I think it should be OK after ldapgroup.install migration.

awesome
:)

Hi all!

I´m newbie with this kind of technology (php and mysql) and I've installed drupal 6.1. Now I want to integrate it with LDAP so I downloaded pariviere ldap_integration_pariviere.tar_.gz file.
I have unzipped and untared the file but now I have no idea about what to do with its contents.
Can somebody give me some help?

Thanks in advance!

Cristina

Cristina

The module hasn't been fully tested so this is not the best module to experiment with.

There is a nice tutorial here:

http://drupal.org/node/120641

Chris

Hi Chris,

I have read that this module hasn´t been fully tested by I have not found any other module for drupal 6.1 with ldap authentication, so I'm going to test it by myself.
Do you have any other idea to make my drupal authenticate against ldap?
Thanks for the URL above.

Cristina

Hi,

i successfully bind to an AD, but, yes i know the development state of porting, but if i delete a user from AD after logged in once to drupal (user created in table users), the user still can login, and the entry doesnt removed from durpals db. I cant install authdata and ldapgroup due the lack of ported install script, should these provide user syncing, or should I do a cron-update, empty the cache or manually remove this user from drupal too? I'm newbee to drupal, so sorry for this lame question.

Peter

Cristina

As far as I am aware, this is the only solution for authenticating via LDAP. Are you only hoping to authenticate or were you hoping to integrate?

Chris

I'm not sure what i've done wrong, but I receive these messages after install your module.

user warning: Unknown column 'ldapdata_mappings' in 'field list' query: SELECT ldapdata_mappings, ldapdata_rwattrs FROM ldapauth WHERE name = '' in C:\xampp\htdocs\drupal\modules\ldap_integration\ldapdata.module on line 404.

Guys.. I decided to alter the database myself using the ldapauth.install guide.
no problem now, it works. Thanks alot for this module author.

The ldap authentication works very well. I was even able to bind to the ldap server using a username/password.
I'm using the module provided by pariviere on March 7.
Next step is to get the groups/roles thing working.
I get this error message when entering the ldap groups admin section:

warning: preg_match() expects parameter 2 to be string, array given
in /srv/www/vhosts/intra/includes/bootstrap.inc on line 718.

I think it's related to the problem veriy described here above since I got that same error message the first time I entered the groups admin section. I cannot add/edit anything here.

What did you do veriy, or where can I find the documentation you used to get it working again?

Hello,

I've continued to work on D6 port. Now ldapgroups module seems also to be fully functional. No features change. ldapdata is still unchanged.

trying to use only the ldapauth part of the module and your modifications above for drupal 6 - once the module is installed and enabled, going to module configuration I get the warning:

user warning: Table 'dnorth.ldapauth' doesn't exist query: SELECT sid, name, status FROM ldapauth ORDER BY sid in C:\webs\North\modules\ldap_integration\ldapauth.module on line 135.

- sure enugh, the ldap tables DO NOT get created during the module enabling process - just like that seen in http://drupal.org/node/115869 - this points to a YSQL & Windows issue? -

- all the appropiate MySQL, PHP and other system permission seem to be set - no other modules seem to have this problem during install and configuration -

- any other method to create the MySQL tables needed to enable you module? -

System:

ldap_integration.tar_.gz 29.42 KB
OR
ldap_integration_pariviere.tar_.gz 27.97 KB
OR
ldap_integration-6.1-dev-20080326.tar_.gz 22.93 KB

Win2k3 wwwwwth all SPs and fixes
Microsoft-IIS/6.0
PHP Version 5.2.5
drupal-6.1.tar.gz
mysql-essential-5.0.51a

It might be caused by the use of the first version of the D6 port which as far as I remember do not initialize correctly your database. The database version is unchanged with this new archive so ldapauth_install() hook is just not called.

Try cleaning Drupal informations about ldap_integration's modules :

delete from system where name in {'ldapdata', 'ldapgroups', 'ldapauth'};

and then retry. Also be sure to drop ldapauth table first.

actually, the order of modifed mods I tried was:
ldap_integration-6.1-dev-20080326.tar_.gz 22.93 KB
THEN
ldap_integration_pariviere.tar_.gz 27.97 KB
THEN
ldap_integration.tar_.gz 29.42 KB

- in the MySQL catalog, tables and any system table, I do not see any reference to ldap -

New version works great here for me pariviere. Thanks alot!

Hello,

Another version of the dev. ldapdata is now D6 compatible.

These modules are not fully tested, just D6 compatible. For ldapauth and ldapdata I have disabled (just commented into the code) some features which I don't understand. Only features I use are tested and seems to work as expected.

I have also added a simple mass import from LDAP feature with the ldapimport module.

Enjoy

to owen32 :

make sure to really destroy any data relatives to ldap_integration modules

• desactivate and uninstall ldap_integration modules from Drupal's admin interface
• modules files into drupal's module/ directory
• and as I said if it's not enough,
  

  delete from system where name like 'ldap%';
  delete from variable where name like 'ldap%';
  

  I know it's a bit rough...

After that, and only after, try with the lastest version I've published.

Hmm in fact ldapdata is D6 compatible but seems to not be functional. There's some additional work to do on it.

Hmmm...tried your suggestions and the latest
ldap_integration-6.1-dev-20080327.tar_.gz 23.63 KB

- I can not find any reference to 'ldap' in the MySQL catalog - to check again, I pulled the catalog(s) into an Access db; still ca not find any reference to 'ldap' -

- best I can tell, the ldap data tables are not being created after the module is installed and enabled -

- is there a manual method to create the tables needed? -

oh oh...my error - I did find 4 rows referencin ldap in the system table - no entries in variables - no other 'ldap tables -

- tried reinstall of ldap_integration-6.1-dev-20080327.tar_.gz 23.63 KB
and got this in the module admin page after enabling just ldapauth:

user warning: BLOB/TEXT column 'basedn' can't have a default value query: CREATE TABLE ldapauth ( `sid` TINYINT NOT NULL auto_increment, `name` VARCHAR(255) NOT NULL DEFAULT '', `status` TINYINT NOT NULL DEFAULT 0, `server` VARCHAR(255) NOT NULL DEFAULT '', `port` INT NOT NULL DEFAULT 389, `tls` TINYINT NOT NULL DEFAULT 0, `encrypted` TINYINT NOT NULL DEFAULT 0, `basedn` TINYTEXT NOT NULL DEFAULT '', `user_attr` VARCHAR(255) NOT NULL DEFAULT '', `mail_attr` VARCHAR(255) NOT NULL DEFAULT '', `binddn` VARCHAR(255) NOT NULL DEFAULT '', `bindpw` VARCHAR(255) NOT NULL DEFAULT '', `bindpw_clear` VARCHAR(255) NOT NULL DEFAULT '', PRIMARY KEY (name), INDEX sid (sid) ) /*!40100 DEFAULT CHARACTER SET UTF8 */ in C:\webs\North\includes\database.inc on line 509.

AND this in LDAP Integration configuration attempt:

user warning: Table 'dnorth.ldapauth' doesn't exist query: SELECT sid, name, status FROM ldapauth ORDER BY sid in C:\webs\North\modules\ldap_integration\ldapauth.module on line 135.

- so, still no progress in the test of this D6 version testing -

Is there any reason why the Anonymous UI Options options have been commented out on the System Wide Options form? I found that re-activating that code and reactivating the unset line in the ldapauth_form_alter function brings back the Remove Request new password link from login block functionality in D6.

It seems to be a storage engine compatibility problem. I exclusively works on Linux. Your problem is described on the following pages :

• http://drupal.org/node/136068
• http://bugs.mysql.com/bug.php?id=25520

On Windows, the default engine used is InnoDB and its behaviors differs from the MyISAM engine. A fix was committed on HEAD several months ago http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/ldap_integr... but the version I've used to start the port did not include it. Remove the default value for all TEXT fields should be enough.

No real reason. It just my first try in Drupal module and I've disable some features that I don't understand or which the behavior is not as I expected it should be.

For example, the "Remove Request new password link" feature. It think it should depend on the authentication mode used (LDAP only or LDAP and Drupal) and not being a standalone option. But feel free to re-activate yourself this feature. It should work from the login block but NOT from the user account page (?q=user with anonymous access). I don't know how to remove this link.

Thank You - yes, I saw those links and have been working through those pointers - es, a MySQL on Windows issue - not being a programmer nor having ever modified a module before....I just jumped in -

Just to be clear for others, I'm on:
Win2k3 with all SPs and fixes
Microsoft-IIS/6.0
PHP Version 5.2.5
drupal-6.1.tar.gz
mysql-essential-5.0.51a

Starting with your D6 port ldap_integration-6.1-dev-20080327.tar.gz I modified the ldapauth.install and the ldapdata.install files to remove the line 'default' => '' for any 'type' => 'text' sections - the ldapgroups.install doesn't contain any -

- enabling the ldapauth module (all I want/need to use) did not generate any errors or warnings - configurng the LDAP_integration now allowed creating/saving an LDAP Server connection -

- all works !!! - logon with an LDAP account (not local account) and it ldap authenticates and creates the local version of that user account - however, it does generate warnings (not seen on drupal 5.x with the old ldapauth mod):

warning: array_fill() [function.array-fill]: Number of elements must be positive in C:\webs\North\includes\database.inc on line 235.
warning: implode() [function.implode]: Invalid arguments passed in C:\webs\North\includes\database.inc on line 235.
warning: array_keys() [function.array-keys]: The first argument should be an array in C:\webs\North\modules\user\user.module on line 500.
user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in C:\webs\North\modules\user\user.module on line 500.
The selected file could not be copied, because no file by that name exists. Please check that you supplied the correct filename.

- BUT it does generate the account -and does sem to work but need to further test -

- SO, I'm looking through other posts to see where to go next - google does indeed point to posts at Drupal with info on these warning -

- ALSO, as Péter Cseke indicted, I think the Anonymous UI Options is useful and plan to reenable that -

-OH, as admin, deleting the ldap created user account generates warnings:

user warning: Table 'dnorth.messenger' doesn't exist query: DELETE FROM messenger WHERE sid = 2 OR rid = 2 in C:\webs\North\modules\messenger\messenger.module on line 509.

I'm not sure all these errors/warnings are because of new Drupal 6.1 and the added modules that are still in the ironing-out-problems stage or because of the D6 modified ldapauth mod -

THANKS

May be there's some incompatibility issues with other modules you're using? I can not reproduce myself problems you've just described and there's something related to the messenger module.

- yes, current versions of both messenger and journal modules have problems with drupal 6.1 -

I can't seem to find the part in ldapauth.module to

...reactivating the unset line in the ldapauth_form_alter function brings back the Remove Request new password link from login block functionality...

I've got that part on the ldapauth configuration page back but the links to request account / passord are still in logon block -

NEVER MIND
just found the //unset line - just found 'DiffDoc' as a nice utility to compare versions of files - found the line //unset($form['links']);

There is a new issue in D6 possible caused by this module. I can not log in to the same site with the same user from two different computers (or by using different site aliases), as by logging in the user module deletes all other sessions of the same user from the database. I found that commenting out the following lines from user_save fixes the issue, but this is only a quick-fix:

    if (!empty($array['pass'])) {
      //sess_destroy_uid($account->uid); # commented out
      //sess_regenerate(); # commented out
    }

I will try to figure out what has changed from D5 to D6 that causes this issue.

This behavior seems to be created by the user_save call from ldapauth_login_validate function. This part of the LDAP module has changed a lot, so I'm not 100% sure of what would be the best solution, but this patch resolves the problem (I also removed the previously mentioned user_save patch):

         $init = $mail;
         
         $config_name = $_ldapauth_ldap->getOption('name');
-        $userinfo = array('name' => $name, 'pass' => $pass, 'mail' => $mail, 'init' => $init, 'ldap_dn' => $dn, 'ldap_config' => $config_name); 
+        $userinfo = array('name' => $name, /*'pass' => $pass,*/ 'mail' => $mail, 'init' => $init, 'ldap_dn' => $dn, 'ldap_config' => $config_name); 
         	  
         $user = user_save($user, $userinfo);
     }

Indeed 'pass' is not required as user_external_login_register() is used

About the 'user/password' link. I can disable it from ?q=user using this code in hook_menu().

  $items['user/password'] = array(
      'title' => t('Reset password'),
      'access' => FALSE,
      'type' => MENU_LOCAL_TASK,
    );  

But it also produced an item on the navigation menu (which I don't want of course). If some have an idea to hide this link...

By the way who is the module's maintainer? I've tried to contact scafmac a week ago but no answer :/

- just a fyi - Re: Péter Cseke's $userinfo change above - at least on my system, it causes errors when a user account (on AD via ldap) logins in for the first time with creating the new local account - you either get a page not found error or database file creation error (sorry, I didn't save the info) - on a page refresh it clears the error and the 'new user' seems to have access to the site (?) -

- clearing the mod and the MySQL database and deleting the users then reverting to the previous version of ldapauth, no erros are seen with the 'new login' attempt creating the 'new' local account -

pariviere #39: have you tried using MENU_CALLBACK instead?

  $items['user/password'] = array(
      'title' => t('Reset password'),
      'access' => FALSE,
      'type' => MENU_CALLBACK,
    ); 

owen32 #40: I can't reproduce the error you mention. I mean I get the warnings mentioned by you in #34, but nothing else. What are your LDAP System Settings (authentication mode, etc.)? Also are you using the Create user account or you just enter the new account details in the username/password fields from the login block? I tried both, but I did not get any errors.

Of course if I set the authentication mode to LDAP only, than there is no reason to use the Create user account form as it will generate a random password, but the password is already set in the LDAP...

My settings:
(LDAP) Choose authentication mode: LDAP directory only
(User Settings) Public registrations: Only site administrators can create new user accounts.

- NOTE: this works in Drupal 5.x with ldapauth - it removes the 'create new account' link and also disallows the 'request new password' function from the userform-

- in Drupal 6.1 with your D6 modification to the ldapauth mode, the link 'request new password' remains on the user form if authentication fails - when I further modify the ldapauth.module as per the later posts in this thread (even after cleaning the DB, modules etc and renstralling module) I get page & database errors when a new LDAP use 1st trys to create the account - 'refresh' page 'seems' to allow acount creation and functional account -

- the idea is that I only want to allow users via LDAP and that they should not be able to change username, password and email info from within drupal - all that info should be held and maintained strictly by the LDAP (AD) provider account info -

I'm still unable to reproduce it. My settings are the same as yours, as I want to achieve the same thing - all users except admin should come from LDAP, so there is no reason to alter the username, email or password at all.

I am using the version posted in #26, and I only made the patches mentioned in #31 and #38, but you are right - when I type a wrong password I get an error message with a link which leads me to some unwanted forms (create account, request new password) that still need to be hidden.

I am only using the ldap_integration (enabled: ldapauth, ldapgroups) and weather contrib module and some specialized custom modules used by our company.

As simple as you said Peter. Thanks ;)

owen32 it should work as you expected, expect for he 'request new password' link. I will publish today another version included the different comments since the previous one.

Hello,

Another version attached. There's only ldapauth modification :

- attempt to made option more comprehensive (exclusive mode clear request new password and create account feature)
- authentication should work as expected
- use sid instead name for data (from ldapauth table) handling

Hello-

I was using the build from 20080327, and today started using the 20080402 build, and now ldapauth seems to be broken.

I've got it working now, but I think there was a problem in ldapauth.module, line 601:
$row = db_fetch_object(db_query("SELECT binddn, bindpw FROM {ldapauth} WHERE sid = '%d'", $_ldapauth_ldap->getOption('sid')));

It looks like 'sid' has not been implemented into LDAPInterface, so I just added case 'sid' into the getOption and setOption and all seems to be fine again.

Ooops, developer's bug ;)

diff --git a/ldapauth.module b/ldapauth.module
index e622d92..f343245 100755
--- a/ldapauth.module
+++ b/ldapauth.module
@@ -760,7 +760,7 @@ function ldapauth_login_validate($form, &$form_state) {
     
     $init = $mail;
     
-    $config_name = $_ldapauth_ldap->getOption('name');
+    $config_name = $_ldapauth_ldap->getOption('sid');
     $userinfo = array('name' => $name, 'mail' => $mail, 'init' => $init, 'ldap_dn' => $dn, 'ldap_config' => $config_name); 
       
     user_save($user, $userinfo);

pariviere - sorry, but I've had no luck in getting this latest version of your module to work - it usually chokes on the php files that you've added to the module - it usually results with page not found messages after installing/activating the ldapauth part of the module - probably something with the paths to the added php files (since I'm on Win2k3 with IIS6) - I haven't tried to dissect out the issue -

- yes, I've made repeated attempts with each time uninstalling the mod and clearing any ldap related entries in the MySQL database -

- I'll keep trying but....the previous version plus the changes I had to make for Win2k3/IIS6 & MySQL (as noted above) mostly works - just the same warning messages (above) that users get at first ldap logon attemp - the warnings go away after a page refresh - users seem to have no problem after that -

Hello-

I've been working to get ldapauth and ldapgroups to work on my site, which I just got working the way I want it to earlier today. I thought I would post the changes I have made in hopes of helping the developers crank out a final version.

LDAPInterface changes:

diff -u ldap_head/ldap_integration/LDAPInterface.php ldap_cis/ldap_integration/LDAPInterface.php
--- ldap_head/ldap_integration/LDAPInterface.php        2008-04-02 09:55:30.000000000 -0500
+++ ldap_cis/ldap_integration/LDAPInterface.php 2008-04-04 16:56:26.000000000 -0500
@@ -53,6 +53,9 @@
                        case 'mail_attr':
                          $this->mail_attr = $value;
                          break;
+                       // set sid option
+                       case 'sid':
+                         $this->sid = $value;
+                         break;
                }
   }
 
@@ -87,6 +90,9 @@
                        case 'mail_attr':
                          $ret = $this->mail_attr;
                          break;
+                       // get sid option
+                       case 'sid':
+                         $ret = $this->sid;
+                         break;
                }
                return $ret;
   }

ldapauth changes:

diff -u ldap_head/ldapauth.module ldap_cis/ldapauth.module
--- ldap_head/ldapauth.module   2008-04-02 09:55:30.000000000 -0500
+++ ldap_cis/ldapauth.module    2008-04-04 17:12:55.000000000 -0500
@@ -760,10 +760,12 @@
     
     $init = $mail;
     
-    $config_name = $_ldapauth_ldap->getOption('name');
+    // post #48
+    $config_name = $_ldapauth_ldap->getOption('sid');
     $userinfo = array('name' => $name, 'mail' => $mail, 'init' => $init, 'ldap_dn' => $dn, 'ldap_config' => $config_name); 
       
     user_save($user, $userinfo);
+    // for some reason, ldapauth seems to stop hook_user('login',...) from being called, which ldapgroups uses, so I just call it manually.
+    // $empty just passes a NULL variable by reference to keep php from complaining
+    $empty=NULL;
+    user_module_invoke('login',$empty,$user);
   } else {
     user_authenticate($form_state['values']);

ldapgroups changes:

diff -u ldap_head/ldapgroups.module ldap_cis/ldapgroups.module
--- ldap_head/ldapgroups.module 2008-04-02 09:55:30.000000000 -0500
+++ ldap_cis/ldapgroups.module  2008-04-04 17:04:57.000000000 -0500
@@ -318,8 +318,8 @@
   $dn = isset($_SESSION['ldap_login']['dn']) ? $_SESSION['ldap_login']['dn'] : '';
   $pass = isset($_SESSION['ldap_login']['pass']) ? $_SESSION['ldap_login']['pass'] : '';
 
-  if (!$ldapgroups_ldap->connect($dn, $pass)) {
-    $row2 = db_fetch_object(db_query("SELECT binddn, bindpw FROM {ldapauth} WHERE name = '%s'", $ldapgroups_ldap->getOption('name')));
+  // if I try to connect using a blank dn and pass, I dont get an error until ldap_read,
+  // so I just check to see if they would be blank, based on ldap_forget_passwords, and make it read from the database
+  if (variable_get('ldap_forget_passwords',true) || !$ldapgroups_ldap->connect($dn, $pass)) {
+    // use sid instead of name
+    $row2 = db_fetch_object(db_query("SELECT binddn, bindpw FROM {ldapauth} WHERE sid = '%d'", $ldapgroups_ldap->getOption('sid')));
     $dn = $row2->binddn;
     $pass = $row2->bindpw;
     if (!$ldapgroups_ldap->connect($dn,$pass)) {
@@ -410,7 +410,7 @@
 
 function _ldapgroups_ldap_init(&$user) {
   global $ldapgroups_ldap;
-  if ($row = db_fetch_object(db_query("SELECT * FROM {ldapauth} WHERE status = '%s' AND name = '%s'", 1, $user->ldap_config))) {
+  // use sid instead of name
+  if ($row = db_fetch_object(db_query("SELECT * FROM {ldapauth} WHERE status = '%s' AND sid = '%d'", 1, $user->ldap_config))) {
     $ldapgroups_ldap = new LDAPInterface();
     $ldapgroups_ldap->setOption('name', $row->name);
     $ldapgroups_ldap->setOption('server', $row->server);
@@ -419,6 +419,7 @@
     $ldapgroups_ldap->setOption('encrypted', $row->encrypted);
     $ldapgroups_ldap->setOption('basedn', $row->basedn);
     $ldapgroups_ldap->setOption('user_attr', $row->user_attr);
+    // set sid option
+    $ldapgroups_ldap->setOption('sid',$row->sid);
     return $ldapgroups_ldap;
   }
   else {

Thanks tedk. I didn't test it a lot but it seems to work ;)

I've attached a new version of the dev.
- Includes tedk's changes
- New ldappicture module which import user's picture from the LDAP jpegPhoto attribute. Its behavior is still very simple (always retrieves the picture).

I started a few days ago with the 0402 rev and just upgraded to the 0405 but have never been able to get auth to work. I'm on a brand new instance of D6.1 running on Mac OS 10.5 and have tried every combination of settings that I've seen up here. I'm positive my ldap server settings are right, it allows anonymous searches, dn, uid, and mail are all confirmed using Ldapper but every time I try to log in it just tells me "Unrecognized username or password".

In my logs, I'm seeing the following:
LDAP Bind failure for user xxxxxxxx. Error 34: Invalid DN syntax
LDAP Bind failure for user uid=xxxxxxx,ou=people,dc=xxxxxx,dc=edu. Error 50: Insufficient access

It looks like LDAPauth is pulling my Drupal admin username/password to try to authenticate to the LDAP server even though the server shouldn't need this. I've tried deleting the username/pass from the ldapauth table but it keeps getting repopulated. Is there any way to stop the module from sending a username/pass completely?

[Sorry, this is like my 5th edit]
I'm now not getting the second message (looks like the new rev allowed me to get rid of the username/pass) but still the insufficient access message.

ldap_start_tls() [function.ldap-start-tls]: Unable to start TLS: Connect error in /Applications/MAMP/htdocs/sites/all/modules/ldap_integration/ldap_integration/LDAPInterface.php on line 136.

I think I've narrowed my problem down to TLS not working, any known issues with this?

froboy-

I was having problems with TLS for a while, and finally just started using ldaps as an alternative. You may want to make sure you can query the ldap through php outside of drupal. Here is a test script I have been using for a while, not sure where it came from, but I didn't write it. Here is also a page I was using for a while, I only had to do the last few steps, and it made ldaps work, but no luck with tls: http://blogs.csuchico.edu/ik/2006/02/18/howto-fix-secure-ldap-in-php/

Hope this helps.

tedk,
Thanks for the advice. I got my school's crt and I'm so close to auth I can taste it, but I'm serving my drupal from MAMP and having issues finding any kind of ldap config file there to add the TLS_CACERT line to. I've got a post up on their board, but may just have to resort to setting up a server from scratch.

So I ended up moving everything over to XAMPP, which had OpenLDAP all installed and ready, added my crt to the ldap.conf file, and voila! Auths are working now and accounts are being created successfully, but each user gets the following error when their account is created:

* warning: array_fill() [function.array-fill]: Number of elements must be positive in /Applications/xampp/xamppfiles/htdocs/includes/database.inc on line 235.
* warning: implode() [function.implode]: Invalid arguments passed in /Applications/xampp/xamppfiles/htdocs/includes/database.inc on line 235.
* warning: array_keys() [function.array-keys]: The first argument should be an array in /Applications/xampp/xamppfiles/htdocs/modules/user/user.module on line 500.
* user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in /Applications/xampp/xamppfiles/htdocs/modules/user/user.module on line 500.

Anyone play with 6.2 yet? I seem to have lost my config page completely in the upgrade. The module is still working (except for the the barf above) but I can't access any of the configuration pages.

@froboy,

Same problem here, i must downgrade to 6.1 again! With 6.2 we can't configure the ldap settings, the ldap integration page (?q=admin/settings/ldapauth) don't show anywhere, and if we try to get on in manually the return is Access denied You are not authorized to access this page.

I have another issue, when a ldap user log on he saw 4 warning's. It only happens the first time, i now that problem only happen if the profile module is active... however i need it :S

Any solution?

Thanks

All,

Please be patient and wait for a 6x release. Using this one post to track multiple problems will make it more difficult & confusing to address each bug.

As has been mentioned, the version of the ldap integration module available in this post is early beta or even alpha. In fact it appears that the original 6x version was merged with an old branch of the ldap_integration module. So the 6x version, when it's available, will probably be based soley on Simonc's port or will be 100% new.

@scafmac

I understand you, but i'm in the edge of something BIG.... i'm try escape from microsfot sharepoint and i need to show work done to my boss ot they will go to the sharepoint ... so i must move on... to some where :)

I only try put it to work even not very good, but in a away that i can show it could be possible :D

Anyway the last version avaible here works good, at least the login process !!

The only issues is what i appoint! Configure options aren't visible in 6.2 version and the log on cause warning if profile core module is active

I'm sure this has something to do with the access inheritance between parent and child menu items (this is a change in 6.2)... I will try to take a look at it next week as I plan to upgrade my site from 6.1 to 6.2.

I have tried Pariviere's version and cannot see the administration screen for the LDAP settings. I do not get any errors, but just don't see the link to get to the settings. Any ideas on what I am missing?

You are missing read before you post :)

In 6.2 versionldap module have a bug and the ldap integration page don't appear

Hello-

I noticed the 6.2 bug the other day, and yes it appears to be an issue with access inheritance that was changed to fix a security hole from 6.1. It's a pretty easy fix, although I'm not sure if it's actually the proper syntax. I have a tendency to just hack parts of drupal to meet my needs. But if you go through each module, in the hook_menu function, there is an array of $items. In each item, add the line: 'access arguments' => array('administer ldap modules'),. If there is a line like 'access' => user_access('administer ldap modules'), then go ahead and remove it.

Once again, this seems to work for me, but I'm not a drupal developer, and I could be doing it all wrong and just causing more problems.

Here is my current diff from the 20080405 release. I only made these changes in ldapauth and ldapgroups, since I only use those two. I hope this helps some of you get your stuff working.

Thanks.

diff -ur ldap_head/ldapauth.module ldap_cis/ldapauth.module
--- ldap_head/ldapauth.module	2008-04-05 04:33:25.000000000 -0500
+++ ldap_cis/ldapauth.module	2008-04-22 15:02:15.000000000 -0500
@@ -56,12 +56,14 @@
     'title' => 'LDAP Integration',
     'page callback' => 'ldapauth_admin_list',
     'page arguments' => array('administer ldap modules'),
+    'access arguments' => array('administer ldap modules'),
     'description' => 'Configure LDAP settings',
   );
 
   $items['admin/settings/ldapauth/list'] = array(
     'title' => 'List',
     'page callback' => 'ldapauth_admin_list',
+    'access arguments' => array('administer ldap modules'),
     'type' => MENU_DEFAULT_LOCAL_TASK,
   );  
 
@@ -69,6 +71,7 @@
     'title' => 'Configure LDAP Server',
     'page callback' => 'drupal_get_form',
     'page arguments' => array('ldapauth_admin_form'),
+    'access arguments' => array('administer ldap modules'),
     'type' => MENU_LOCAL_TASK,
     'weight' => 1,
   );
@@ -77,6 +80,7 @@
     'title' => 'System Wide Options',
     'page callback' => 'drupal_get_form',
     'page arguments' => array('ldapauth_admin_options'),
+    'access arguments' => array('administer ldap modules'),
     'type' => MENU_LOCAL_TASK,
     'weight' => 2,
   );
@@ -85,6 +89,7 @@
     'title' => t('Configure LDAP Server'),
     'page callback' => 'drupal_get_form',
     'page arguments' => array('ldapauth_admin_form'),
+    'access arguments' => array('administer ldap modules'),
     'type' => MENU_CALLBACK,
   );
   
@@ -92,6 +97,7 @@
     'title' => 'Delete LDAP Server',
     'page callback' => 'drupal_get_form',
     'page arguments' => array('ldapauth_admin_delete'),
+    'access arguments' => array('administer ldap modules'),
     'type' => MENU_CALLBACK,
   );
 
diff -ur ldap_head/ldapgroups.module ldap_cis/ldapgroups.module
--- ldap_head/ldapgroups.module	2008-04-05 04:33:25.000000000 -0500
+++ ldap_cis/ldapgroups.module	2008-04-22 15:02:15.000000000 -0500
@@ -57,7 +57,7 @@
 	  'title' => t('LDAP Groups'),
 	  'description' => t('Configure LDAP Groups Settings'), 
 	  'page callback' => 'ldapgroups_admin_list',
-	  'access' => user_access('administer ldap modules'),
+	  'access arguments' => array('administer ldap modules'),
 	  );
 	$items['admin/settings/ldapgroups/edit'] = array( 
 	  'title' => t('LDAP Groups'),
@@ -65,7 +65,7 @@
 	  'page arguments' => array('ldapgroups_admin_edit'),
 	  'type' => MENU_CALLBACK,
 	  'weight' => 1,
-	  'access' => user_access('administer ldap modules'),
+	  'access arguments' => array('administer ldap modules'),
 	  );
 	$items['admin/settings/ldapgroups/reset'] = array( 
 	  'title' => t('LDAP Groups'),
@@ -73,7 +73,7 @@
 	  'page arguments' => array('ldapgroups_admin_edit'),
 	  'type' => MENU_CALLBACK,
 	  'weight' => 1,
-	  'access' => user_access('administer ldap modules'),
+	  'access arguments' => array('administer ldap modules'),
 	      );
 	return $items;
 }

@tedk

That do the trick for me :)

However still have the warnings with profile module active :s

    * warning: array_fill() [function.array-fill]: Number of elements must be positive in /media/WORK/www/drupal-6.2/includes/database.inc on line 235.
    * warning: implode() [function.implode]: Bad arguments. in /media/WORK/www/drupal-6.2/includes/database.inc on line 235.
    * warning: array_keys() [function.array-keys]: The first argument should be an array in /media/WORK/www/drupal-6.2/modules/user/user.module on line 500.
    * user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in /media/WORK/www/drupal-6.2/modules/user/user.module on line 500.

#64 that is bad way to handle that. You have removed the access list from those options so anyone including annomous can access those menus and make changes not what you want. Trust me.

Thanks
Robert

Are you sure that's not the right way to do it?

It looks to me like "access" has been replaced by the combination of "access callback" and "access arguments" in Drupal 6 (see http://api.drupal.org/api/function/hook_menu and http://api.drupal.org/api/function/hook_menu/5 )

#67 & #64. I think I miss read the patch yea you make the changes as outlined in #67.

Sorry about that. I though he was removing the line not changing the line.

Thanks
Robert

No, 'access arguments' is fine, if no 'access callback' is provided, 'user_access' is assumed.

Hi,

I installed ldap_integration-6.1-dev-20080405.tar_.gz with no problems at all. I can't seem to find the module configuration page in the dru menu, module is enabled.

I'm following this tutorial

http://drupal.org/node/118092

Configure the module

# Proceed to Administer >> Site Configuration >> LDAP Integration
# Click Configure LDAP Server

There is no "LDAP integration" at all in site config ... what I'm getting wrong ?

Tnx for any help!

subscribe

tedk,

Thanks a lot, works now in 6.2, I realize its only temporary but its nice to know its within reach.

@#70.,. Uh. Did you even read the issue?

Apply the patch at http://drupal.org/node/212372#comment-817556...

This is now working.

I gave #74 a try and managed to get things working though my current Drupal test installation is a bit non-standard. I only enabled ldapauth at this time.

I got a few warnings about undefined indexes in $form_state['values']['...'] when setting System Wide Options:

['ldap_user_pass_form']
['ldap_disable_request_new_password']
['ldap_alter_reset_form']

These appear to be used to variable_set() form values on or about line 292-297 of ldapauth.module, but I'm not seeing any accompanying form fields to pass them through to ldapauth_admin_options_submit(). This may be my own error as I am on a well hacked core, but you might want to have a look as it appears that these are specific to ldapauth and not to any of my other system changes.

The authentication works, however I commented out the lines which set any variables which I couldn't find in the forms in order to silence the error messages.

I try latest version (#74 from cwgordon7)

But with the profile module active i still have this errors on ldap users first login

* warning: array_fill() [function.array-fill]: Number of elements must be positive in /media/WORK/www/drupal/includes/database.inc on line 235.
* warning: implode() [function.implode]: Bad arguments. in /media/WORK/www/drupal/includes/database.inc on line 235.
* warning: array_keys() [function.array-keys]: The first argument should be an array in /media/WORK/www/drupal/modules/user/user.module on line 500.
* user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in /media/WORK/www/drupal/modules/user/user.module on line 500.

I just put in the latest version (from #74) into D6.2 and can confirm these errors, but also still can't see the configuration pages. Does #74 incorporate the patches from #64?

@froboy (#74)

Yes i can view it in the configuration pages, so yes it have the patches from #64

I'm try to get ldapgroups to work, but or i doing that wrong ot ir doens't work to... anyway i can debug it?

I suppossed after login with ldap user it would create ldap user group but that isn't happen

Ah, thanks. I just had to disable then re-enable the module, now I can see it fine.

One more thing!!!

I put ldapgroups to work, is my mistake so it works.

I only can put it to work with the second optin and memberof, but with this settings my users will put a lot of groups... and i don't want that...

Anyway to solve this?

Is the ldapdata field mapping functional for Drupal 6.2?
I'm getting this error when I try mapping data:

* warning: array_filter() [function.array-filter]: The first argument should be an array in /var/www/drupal/modules/ldap_integration/ldapdata.module on line 373.
* warning: array_filter() [function.array-filter]: The first argument should be an array in /var/www/drupal/modules/ldap_integration/ldapdata.module on line 382.

Hy there,

SO after some more testing and a lot of debug!!!

I can put it to work with the first ldapgroups option like i want. The issue, the ou must be in uppercase (OU) don't know why.. but if must be uppercase that should be reported in the example paragraph... And i can confirm that the groups are created only after second login!!!

Cheers

It all works for me except for ldapdata. It seems to install ok, but doesn't actually map the profile fields. I am new to this so I may be doing it wrong but I have added fields in Profile and mapped them in ldapdata but it is not pulling in the data

Hopefully this will help someone else as it drove me nuts until I decided to just try it with no other options left....

I couldn't get my connection through LDAP working when all my configuration settings were correct. I created a simple standalone PHP script just to make sure I could at least get a connection through LDAP without worrying about authentication and it worked fine.

In the "Configure LDAP Server" settings where it asks for the DN for a non-anonymous user for searching, I kept using a standard DN formatted account (LDAP in AD port 389. ex. CN=user,OU=STAFF,dc=web,dc=laker,dc=int) which did not work. So I finally tried entering in just a login and password for a limited access account (highly recommended you do NOT use your own personal account) and it worked! (ex. web\username instead of a DN formatted string... i use "web" because this server is in our web domain, obviously it will be different for everyone else or not even present)

If I might make a suggestion... this setting in "Configure LDAP Server" should read "DN or Username for non-anonymous search:". I would do it myself but I'm very new to Drupal and the whole module growth process. :) I figured at least pointing this out would be a good start.

If I posted this in the wrong place, I apologize.

I'm at a complete loss as to how to get this setup and working, and this could be an issue between a variety of things. I'm trying to do this for an intranet with Drupal 6.2 on an Ubuntu server that is trying to communicate with a Windows 2003 Server that runs our Active Directory. I've tried a variety of configs based on various threads I've found on this issue but keep coming up with the following error.

Fatal error: Call to undefined function ldap_connect() in /wwwroot/sites/all/modules/ldap_integration/ldap_integration/ldap_integration/LDAPInterface.php on line 115

I know that my AD server is listening on port 389. After that, things get a little gray. I know what I want to do, but my knowledge isn't that supreme when it comes to Linux or Windows Server 2003, but I know enough to get me into trouble. :)

Perhaps someone will be able to assist me with this?

That was it.

sudo apt-get install php-ldap

When you are frustrated, things get hard. This was too simple.

Now I'm at the point where I keep getting that I tried the wrong password. Even though I know it's right, it's just a matter of getting the authentication to work properly. All of this can be done through the module, correct? Or is there anything else I need to setup on my Ubuntu server?

Im having the same issue. What is the ldap attribute it's trying to pull for the picture?

I try latest version (#74 from cwgordon7)

But with the profile module active i still have this errors on ldap users first login

* warning: array_fill() [function.array-fill]: Number of elements must be positive in /media/WORK/www/drupal/includes/database.inc on line 235.
* warning: implode() [function.implode]: Bad arguments. in /media/WORK/www/drupal/includes/database.inc on line 235.
* warning: array_keys() [function.array-keys]: The first argument should be an array in /media/WORK/www/drupal/modules/user/user.module on line 500.
* user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in /media/WORK/www/drupal/modules/user/user.module on line 500.

This means you are probably using ldapgroups without any groups set up..?

I too can confirm the d6 patch for ldapauth and ldapgroups works. I am using an Apple OpenDirectory LDAP server.

I am getting the exact error from #89 and I am not trying to pull any ldap data other then auth and groups. The error appears only on the first login and it doesn't stop anything from working. For me it must have to do with either ldap auth or ldap groups modules. We do have groups set up in ldap because after the second login the person has their ldap groups mapped to drupal roles, but it fails to set this mapping up on the first login.

The error on first login looks like this:

warning: array_keys() [function.array-keys]: The first argument should be an array in /Library/WebServer/Documents/drupal/modules/user/user.module on line 502.
warning: array_fill() [function.array-fill]: Number of elements must be positive in /Library/WebServer/Documents/drupal/includes/database.inc on line 235.
warning: implode() [function.implode]: Bad arguments. in /Library/WebServer/Documents/drupal/includes/database.inc on line 235.
warning: array_keys() [function.array-keys]: The first argument should be an array in /Library/WebServer/Documents/drupal/modules/user/user.module on line 506.
user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in /Library/WebServer/Documents/drupal/modules/user/user.module on line 506.

-------------
It looks like the error coming from the user.module from user_access(). I know the error lies in the ldap module calling something down to user_access() wrong as opposed to an error in user.module itself.

$result = db_query("SELECT p.perm FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (". db_placeholders($account->roles) .")", array_keys($account->roles));

When I do a var_dump on array_keys($account->roles) on the first login (which I think causes the error: "warning: array_keys() The first argument should be an array ") I get

array(1) { [0]=> int(2) } 

When I do it on the second login (that doesn't produce an error) I get

array(2) { [0]=> int(2) [1]=> int(23) }

Any idea whats going on here?

Has anyone had any luck getting ldapdata to pull in data to their drupal profile fields?

Using version posted May 12. Trying to install with
Drupal 6.2
windows 2003 server / IIS 6
MySql 5.051b
PHP5

It appears that when I try to configure the LDAP server in the module that the database information isn't being created. I receive the following error:

user warning: Field 'ldapdata_rwattrs' doesn't have a default value query: INSERT INTO ldapauth (name, status, server, port, tls, encrypted, basedn, user_attr, mail_attr, binddn, bindpw) VALUES ('ldapconfig', '1', 'xx.xx.xx.xx', '636', '1', '0', 'OU=Employees,DC=cbb,DC=corp', 'sAMAccountName', 'mail', '', '') in D:\Drupal\intranet\modules\ldap_integration\ldapauth.module on line 476.

I've also just realized that I've lost access to several pages of the site. Maybe I'm only able to access cached pages. Any ideas?

Is there a clean picture or idea of when this module will be ready for Drupal 6?

I'm beginning to evaluate drupal for the purpose of an intranet site where I work at a .edu, and would require the "roll" permissions to be populated by the existing LDAP groups we have.

Thank you in advance.

Would anyone like to go in with me and offer a bounty for someone to clean this module up and get it working for d6?

If there's an official mechanism for bounties, I'll put in $20 ;)

(won't be the first time I spend my own cash for something work should be paying for... HA)

bounty:

http://drupal.org/node/272247

I think scafmac is looking for help. Can you try to contact him?

I am looking into this.

Edit. Ok I have now fixed the bug causing the first-time login errors.

However one problem remains, the ldap groups are not physically created on initial log in, however they are mapped.

But this isn't necessarily unwanted behaviour because the groups need to be created first and assigned privileges anyway.

Thanks 1fast6! Can we get a post of the new version?

Some more improvements now. The groups are now created and mapped on first login. So no extra messing about :-)

I downloaded the lastest patch and still get no configuration pages in 6.2. Any suggestions?

Is it "done" then?

As in... ready to be a real project for version 6 that we can download and use?

I don't know what the approval process is, so if someone could explain it to me, I'd appreciate it.

Thanks.

I am working with 1fast6 to test his patch. It involves replacing the core profile module.

Ok so attached is the version that creates the groups and maps them on first login. It also contains the updated profile.module.

I have tested this on my system using DN's and LDAP attributes settings in the ldap_groups admin config.

Ensure you clear your database cache before using the new modules.

My LDAP Groups Admin Page

How can I help test?

Do you want me to set up a stock Drupal site (6.2) with this module installed and see if i can get it set up with my LDAP(AD) system?

Thanks.

yes, that would be great

Ok, what exactly do I need to install?
The "ldap_integration-patch.zip" just has a few module files in it, so I don't know what I need before that to move forward.

Thanks.

I've ported the module last week together with some internals modules. When I checked here last time there wasn't any progress so I don't know how far other people are in porting the modules.

I've ported the all three modules and fixed all issues the 'coder' module reported, also concerning coding style. Hope this helps.

I've ported the module last week together with some internals modules. When I checked here last time there wasn't any progress so I don't know how far other people are in porting the modules.

I've ported the all three modules and fixed all issues the 'coder' module reported, also concerning coding style. Hope this helps.

I've there are any issues with this one, please let me know if no release is made because it will be at least 2 months before the upgraded site that uses these modules will go into beta-testing.

I've just tried your version zoeloelip and I'm afraid it is 6.2 incompatible and throws loads of errors from modules using hook_user.

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\dblog\dblog.module on line 135

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\syslog\syslog.module on line 106

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\dblog\dblog.module on line 135

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\syslog\syslog.module on line 106

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\dblog\dblog.module on line 135

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\syslog\syslog.module on line 106

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\dblog\dblog.module on line 135

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\syslog\syslog.module on line 106

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\dblog\dblog.module on line 135

Notice: Trying to get property of non-object in D:\Web--Services\Groups\drupal6\modules\syslog\syslog.module on line 106

# warning: array_fill() [function.array-fill]: Number of elements must be positive in D:\Web--Services\Groups\drupal6\includes\database.inc on line 235.
# warning: implode() [function.implode]: Invalid arguments passed in D:\Web--Services\Groups\drupal6\includes\database.inc on line 235.
# warning: array_keys() [function.array-keys]: The first argument should be an array in D:\Web--Services\Groups\drupal6\modules\user\user.module on line 510.
# user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in D:\Web--Services\Groups\drupal6\modules\user\user.module on line 510.
# warning: Invalid argument supplied for foreach() in D:\Web--Services\Groups\drupal6\modules\imce\imce.module on line 153.

@duran

The zip files contains:

profile.module -> replace your existing profile module in the modules\profile folder

remaining files -> replace existing files in the modules\ldap_integration folder

Hang on a second there... why are we replacing core files? Also, can you please post your code as a patch for easier testing/reviews? See http://drupal.org/patch/create if you need help creating a patch.

.. for lack of a better status.

Hi zoeloelip -

Get a lots of database errors when enabling the module (July 6, 2008 - 21:05
verion), probably all dependend onm each other.

user warning: BLOB/TEXT column 'basedn' can't have a default value query: CREATE TABLE ldapauth ( `sid` INT unsigned NOT NULL auto_increment, `name` VARCHAR(255) NOT NULL DEFAULT '', `status` INT unsigned NOT NULL DEFAULT 0, `server` VARCHAR(255) NOT NULL DEFAULT '', `port` INT unsigned NOT NULL DEFAULT 389, `tls` INT unsigned NOT NULL DEFAULT 389, `encrypted` INT unsigned NOT NULL DEFAULT 389, `basedn` TEXT NOT NULL DEFAULT '', `user_attr` VARCHAR(255) NOT NULL DEFAULT '', `mail_attr` VARCHAR(255) NOT NULL DEFAULT '', `binddn` VARCHAR(255) NOT NULL DEFAULT '', `bindpw` VARCHAR(255) NOT NULL DEFAULT '', `bindpw_clear` VARCHAR(255) NOT NULL DEFAULT '', PRIMARY KEY (name), INDEX sid (sid) ) /*!40100 DEFAULT CHARACTER SET UTF8 */ in C:\Inetpub\wwwroot\drupal\includes\database.inc on line 509. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_groups_in_dn` INT NOT NULL DEFAULT '0' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_groups_in_dn_desc` INT NOT NULL DEFAULT '0' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_group_dn_attribute` VARCHAR(255) NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_group_attr` VARCHAR(255) NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_groups_in_attr` INT NOT NULL DEFAULT '0' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_groups_as_entries` INT NOT NULL DEFAULT '0' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_group_entries` VARCHAR(255) NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldap_group_entries_attribute` VARCHAR(255) NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldapdata_binddn` VARCHAR(255) NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldapdata_bindpw` VARCHAR(255) NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: ALTER TABLE ldapauth ADD `ldapdata_bindpw_clear` VARCHAR(2) NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: BLOB/TEXT column 'ldapdata_rwattrs' can't have a default value query: ALTER TABLE ldapauth ADD `ldapdata_rwattrs` TEXT NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: BLOB/TEXT column 'ldapdata_roattrs' can't have a default value query: ALTER TABLE ldapauth ADD `ldapdata_roattrs` TEXT NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: BLOB/TEXT column 'ldapdata_mappings' can't have a default value query: ALTER TABLE ldapauth ADD `ldapdata_mappings` TEXT NOT NULL DEFAULT '' in C:\Inetpub\wwwroot\drupal\includes\database.mysql-common.inc on line 298. 
user warning: Table 'drupal.ldapauth' doesn't exist query: SELECT ldapdata_mappings, ldapdata_rwattrs FROM ldapauth WHERE name = '' in C:\Inetpub\wwwroot\drupal\sites\all\modules\ldap_integration\ldapdata.module on line 417. 

Hi

Removeng the 'default' => '' from :

      'basedn' => array(
        'type' => 'text',
        'not null' => TRUE
        'default' => ''),

in ldapauth.install solved these problems.

Inside ldapdata.install there's the same problem with

ldapdata_rwattrs, ldapdata_roattrs and ldapdata_mappings.

Hi,

After this I could expect this obvious error:

user warning: Field 'ldapdata_rwattrs' doesn't have a default value query: INSERT INTO ldapauth (name, status, server, port, tls, encrypted, basedn, user_attr, mail_attr, binddn, bindpw) VALUES ('mydrupal', '1', 'ou.nl', '0', '0', '0', '', '', '', '', '') in C:\Inetpub\wwwroot\drupal\sites\all\modules\ldap_integration\ldapauth.module on line 492.

This one is not so easy to fix as the field 'ldapdata_rwattrs' does belong to an optional module. I deinstalled the module for now as a workaround.

subscribe

Hi,

Got it working!!

In my case i needed to logon to the AD to be able to query at all (see 'Advanced configuration'). I used a simple domain\username + password there I can also use to logon to the NT domain.

Furtermore did I set the 'Base DN' to all the DC stuff in my AD user account and used 'sAMAccountname' as 'Username attribute' (so I do not have to type my full name to login).

Btw the following link has some nice AD/LDAP tools to see if what you try in the config actually works.

Windows Server 2003 Service Pack 2 32-bit Support Tools found at:

http://www.microsoft.com/downloads/details.aspx?FamilyID=96a35011-fd83-4...

Also the following link was usefull for testing purposes (see the 'checkldapuser' post by edi01 at gmx dot at) at:

http://nl.php.net/manual/en/function.ldap-bind.php

can someone please post a current version as a real patch so that I can download the appropriate files for testing.

I'm unsure what zip file to download, as there are 3 recent ones.

Thank you.

@wvd_vegt

I've fixed the problem. Specifying a default value for a text column is only an error on windows and a warning on all other platforms. This is fixed in the patch attached to this message. It's against the 5.x dev version, I wasn't ably to identify the correct cvs branch to make the diff against.

@1fast6

Can you give me some more information about your setup? I'm not able to reproduce this.

I've fixed some wrong uses of watchdog which caused some warning in the syslog module, so v3

Just discovered the ldapdata attribute settings page was broken. This is fixed now.

@1fast6

I think I ran into the same problem as you did. Does this new patch fix the problem?

@zoeloelip

How to apply the diff !?

Thanks

@Panda_N_Shark

patch -p1 < ldap_integration-patch-v5.diff

For the windows users I've attached a zip file with the patch applied

You guys rule. I just used the zip from #128 and it worked great. One note for the others, it requires php >= 5.1. My test site is on 5.04 and I had to comment out a couple of lines that didn't work. But it seems to work fine after that.

@zoeloelip

The patch work, however i must delete the users that already have been added to drupal database, because i get an error of duplicate entry and can't login

Paste:
# Another user already exists in this system with the same login name. You should contact the system's administrator in order to solve this conflict.
# user warning: Duplicate entry '' for key 2 query: INSERT INTO users (mail, created) VALUES ('mail@mail', numbers) in /media/WORK/www/drupal/modules/user/user.module on line 325.

I have try the attached file zoeloelip upload #112, and noticed me that "Reserved XXXXX assume -R"

which one should I patch v5.diff to, according what zoeloelip said in #123, is it this one?
http://ftp.drupal.org/files/projects/ldap_integration-5.x-1.x-dev.tar.gz

I used the above module files and patched the v5.diff. With enabling ldapauth+ldapdata+ldapgroups, it give me a blank page back. If disabling the ldapdata module manuallly in database with keeping the others enalbed, the web come back.

How could I debug it?

My environment is :
Linux RedHat 4 U4 64bit
PHP 4.3.9
Mysql 4.1.20
Apache 2.0.52

This version fixes:
* the problems with the duplicate user and the errors in the logging modules
* the form to add and edit ldap servers

@pillow
How do you apply that patch?

This works fine for me on Fedora 9:

wget http://ftp.drupal.org/files/projects/ldap_integration-5.x-1.x-dev.tar.gz
wget http://drupal.org/files/issues/ldap_integration-patch-v6.diff
tar xvfz ldap_integration-5.x-1.x-dev.tar.gz
cd ldap_integration/
patch -p1 < ../ldap_integration-patch-v6.diff

@zoeloelip

The way I applied the patch is same as yours descripted in #132, and it succeed.

Only my problem is ldapdata malfunctions, enabling it will turn all my site pages to be blank unless I disable it in database.

It seems that this problem occured only on my server. I'm going to reinstall my site to verify wether it's reproducible.
What information should I collect for your debugging if that doesn't work?

Check you apache logs or turn display_errors in php.ini on (rhel disables this by default). Could be I used something which isn't php 4 compatible.

I found the following entries in the error_log of apache, is there any possibility to tunning it wiout updating my php to version 5?

[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration/ldapdata.module on line 890
[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration/ldapdata.module on line 890
[Sun Jul 13 08:21:16 2008] [error] [client 192.168.190.1] File does not exist: /opt/Drupal/admin
[Sun Jul 13 08:21:20 2008] [error] [client 192.168.190.1] File does not exist: /opt/Drupal/q
[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration/ldapdata.module on line 890
[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration/ldapdata.module on line 890
[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration/ldapdata.module on line 416
[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration2/ldapdata.module on line 416, referer: http://192.168.190.172/?q=admin/build/modules
[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration2/ldapdata.module on line 890
[client 192.168.190.1] PHP Fatal error: Call to undefined function: property_exists() in /opt/Drupal/modules/ldap_integration/ldapdata.module on line 416, referer: http://192.168.190.172/?q=admin/build

zoeloelip: do you have a public svn repository where one could pull your patches one by one? Or if not, could you please publish not only patches against ldap_integration-5.x-1.x-dev.tar.gz but also subsequential patches, e.g. ldap_integration-patch-v6_against_v5.diff?

Different thing: could you give me a hint where to search for the variables which login name and pw are saved in? Then I could try to implement that option we talked about in irc myself.

cu
BeerSerc

I found a substitute for property_exists() from http://www.php.net/manual/zh/function.property-exists.php.
Add the following code in ldapdata, it becomes php4 compatible now~

if (!function_exists('property_exists')) {
function property_exists($class, $property) {
if (is_object($class))
$class = get_class($class);

return array_key_exists($property, get_class_vars($class));
}
}

Doesn't drupal 6 require PHP 5 anyway?

No, Drupal 6 is PHP 4.3.4+. Drupal 7 will be PHP 5.2+.

Could we integrate Drupal + phpBB + LDAP?

It may not realistic, but I wish both Drupal and phpBB can autentciate against LDAP, and there will be some block derived from phpBB.

Is it possible?

It may be possible, but that is a separate issue from porting to 6.

Sorry for that, maybe I should post this request in phpbbmodule~~

Latest sitatus on my server.

When I click "My Account" after login successfully against LDAP authentication, it give me a blank page again.
I find the following entry in Apache error_log, it seems another problem caused by PHP version, and exists both before and after patching v6.diff.

PHP Fatal error: Call to a member function on a non-object in /opt/Drupal/modules/ldap_integration/ldapdata.module on line 739

The following code is lines 719-724, what should I do next?

$bind_info = _ldapdata_edition($user);
if (!$_ldapdata_ldap->connect($bind_info[0], $bind_info[1])) {
watchdog('user', "User view: user @user data could not be read in the LDAP directory", array('@user' => $user->name), WATCHDOG_WARNING);
return;
}

@pillow, You may have to check your users list again. I had to go in and re-check 'Authenticate via LDAP' for each user on my installation.

@bbeyer, I have tried as your comment, but it doesn't make any change on my instance.
Thank you all the same.

* Fixed the php 4 incompatibility

Imported all patches posted here in a hg repository

http://bart.ulyssis.org/hg/ldap_integration/

I havn't use hg repository before. I didn't find the right simple informain for using it in windows or linux by google.
Could anyone give me some guidance? Such as keyword or some url or software or command, thanks!

The latest status on my server, does it only occur in my environment?

A new LDAP account can login successfully with the following warning. these won't appear in the future login~

warning: array_fill(): Number of elements must be positive in /opt/Drupal/includes/database.inc on line 240.
warning: implode(): Bad arguments. in /opt/Drupal/includes/database.inc on line 240.
warning: array_keys(): The first argument should be an array in /opt/Drupal/modules/user/user.module on line 500.
user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM drupal_role r INNER JOIN drupal_permission p ON p.rid = r.rid WHERE r.rid IN () in /opt/Drupal/modules/user/user.module on line 500.

pillow, see: http://drupal.org/node/283664

We don't set things to closed directly - instead we set them to fixed, and they are automatically closed if they go through 2 more weeks with no further activity.

I had this error:

'ldapdata_rwattrs' doesn't have a default value

With MySQL manager I found that the default value for some fields in the corresponding table were NULL, while there was also a checkmark at "NOT NULL".
So I unchecked "NOT NULL", and the error was gone.

Has anyone tried this on Drupal 6.3?

Yeah, works fine for me so far.

Trying to implement LDAP Authentication to Active DIrectory 2008. Getting this error msg when attempting Log On:

Fatal error: Call to undefined function ldap_connect() in C:\xampp\htdocs\drupal\sites\all\modules\ldap_integration\includes\LDAPInterface.inc on line 132

LDAP Settings
LDAP Directory Only
Disallow login and log the conflict
Do not store user's passwords during sessions
Remove password change fields from user edit form
Do Nothing (email)

Server Options settings:
nmae: sfmclan
LDAP server: 10.38.6.29 , port: 389
Base DNs: dc=sftc,dc=org
username attribute: sAMAccountName
email attribute: mail

I went to look at LDAPInterface.inc and found no reference to function:

Any ideas to make this work from anyone?

It sounds like you don't have the php extension for LDAP installed and/or enabled.

Thanks for responding. COuld you please tell me how to do PHP extension?

Go to [yoursite]admin/reports/status and look at the PHP status line where it tells you what level of PHP is installed.

You should have a link on that version number to a PHP status page, [yoursite]admin/reports/status/php

Search that page for "LDAP" and if it's not found, then this is your problem, you do need to enable the extension. Near the top of that page find the line for "Loaded Configuration File" - it might be something like C:\wamp\bin\apache\Apache2.2.11\bin\php.ini - edit that file, uncomment the line for the LDAP extension (search the file for "LDAP" to find it).

Now restart your web server service (Apache or IIS) according to the instructions for your web server and platform.

Closed the issue "Porting to Drupal 6" because it's done. Please open new issues for other problems.