Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I'm using an OpenLDAP server with bind method "Bind with Users Credentials". This works fine for provisioning Drupal user accounts when LDAP account already exists.
However, when that user edits his profile in Drupal and saves, Drupal cannot bind to the LDAP server, because it no longer has that's user's password to use for binding. In LdapServer::bind(), I don't see an option for hooking in to supply the proper DN and password for binding.
What do you recommend for injecting the binding DN and password after trying to synch to LDAP after Drupal user account is updated by that user?
Comment | File | Size | Author |
---|---|---|---|
#1 | ldap-persistent_binding-2225795-1.patch | 952 bytes | krisahil |
Comments
Comment #1
krisahil CreditAttribution: krisahil commentedI patched ldap_server module, and provided a sandbox project to address this.
The patch stores the credentials passed to bind() method, so that early functions can pass the correct credentials. The sandbox project modifies the user edit form to require the current user's LDAP password. A validation handler then passes the user's DN and LDAP password to bind(). This ensures that the correct bind credentials are available when ldap_user_user_update() tries to push updated data to LDAP server.
Sandbox project: https://drupal.org/sandbox/krisahil/2227439
Comment #2
krisahil CreditAttribution: krisahil commentedComment #3
larowlanno update for > 12 months - closing