Labels: Type-Defect Priority-Medium
New issue 1933 by daChaac: Getting new user details from LDAP are not using
binded user account
What version are you running?
What's the URL of the page containing the problem?
What steps will reproduce the problem?
1. Setup LDAP directory in a way that only uid and dn fields are primarily
visible for anonymous users. Eg. other user details are hidden until user
2. Setup LDAP backend to authenticate against LDAP directory and look for
uid=<login>. Do not use special account for initial bind.
3. Login with new user not previously on the system
4. New user does not have givenName nor sn set.
What is the expected output? What do you see instead?
givenName and sn set for new user.
What operating system are you using? What browser?
Linux; but not relevant to this issue.
Please provide any additional information below.
One fix for the issue would be to provide ldapo object from
LDAPBackend::authenticate -> LDAPBackend::get_or_create_user. And as user
was previously binded in authenticate then ldapo.search_s would provide
needed details in get_or_create_user.
Another thing is that ldapo.search_s after binding might be also useful to
allow updates from LDAP to local user database. Thou it might be a good
idea to make this configurable.
You received this message because you are subscribed to the Google Groups
To post to this group, send email to reviewboard-iss...@googlegroups.com.
To unsubscribe from this group, send email to
For more options, visit this group at