AD Creates Extra Array Level for Groups

erikwebb - April 28, 2009 - 16:21

Project:	LDAP integration
Version:	6.x-1.x-dev
Component:	Code
Category:	bug report
Priority:	normal
Assigned:	miglius
Status:	closed
Issue tags:	ldapgroups

When pulling groups based on an LDAP attribute (in this case 'memberOf'), LDAP groups is creates a multi-level array of these groups instead of a single. Because of this, the array_intersect() call in ldapgroups.module, when allowing only users with certain groups to authenticate, is not finding any intersection.

The array from AD:

Array
(
    [0] => Array
        (
            [0] => CN=xxx,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=edu
            [1] => CN=xxx1,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=edu
        )

)

The array from $groups_allow attempting to intersect with it:

Array
(
    [0] => CN=xxx,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=edu

)

I've removed the details obviously, but the problem is with having the extra array level. I can fix this by changing

<?php
 $groups_allow 
?>

<?php
 $groups_allow[0] 
?>

in my case, but is there a more universal solution?

Thanks,
Erik

» Login or register to post comments

#1

miglius - May 4, 2009 - 07:32

Assigned to:	Anonymous	» miglius
Status:	active	» postponed (maintainer needs more info)

Can you update the ldap_integration code to the latest dev version and try again? Some changes made two weeks ago might have fixed this as well.

#2

miglius - May 4, 2009 - 07:32

#3

erikwebb - May 5, 2009 - 16:28

Status:

postponed (maintainer needs more info)

» closed

The newest version has fixed that issue. Thank you very much. Great work!

AD Creates Extra Array Level for Groups

Jump to:

#1

#2

#3

User login

Contributor links