I have been checking the privileges page for the groups. I have been trying to add var_dumps to the ldapauth.php, but I'm not getting anything to the screen.
- Gerhard 757.683.6980 | gha...@odu.edu | occs.odu.edu -----Original Message----- From: Josh Thompson [mailto:josh_thomp...@ncsu.edu] Sent: Tuesday, May 18, 2010 3:58 PM To: vcl-dev@incubator.apache.org Subject: Re: Cannot get LDAP grouping to work -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gerhard, Where in VCL are you looking to see if the groups have been created? Groups created from LDAP sources do not appear on the Manage Groups page since their creation/membership is managed via LDAP. You can either look directly in the database, or go to the privileges page and click on the "Add Group" button to see if they are in the list. Josh On Tuesday May 18, 2010, Hartl, Gerhard L. wrote: > I actually started out like that and in my trouble shooting had stripped > them off. You are correct as this now produces the following from my test > code, but I am still not getting the groups. Any other ideas on where to > look or how to debug? > > Array ( [0] => cn=vclimage,ou=group,ou=vcl,o=odu [1] => vclimage ) Array ( > [0] => cn=vcladmin,ou=group,ou=vcl,o=odu [1] => vcladmin ) > > - Gerhard > > > -----Original Message----- > From: Josh Thompson [mailto:josh_thomp...@ncsu.edu] > Sent: Tuesday, May 18, 2010 2:57 PM > To: vcl-dev@incubator.apache.org > Subject: Re: Cannot get LDAP grouping to work > > Gerhard, > > You're almost there. You need to put ()'s around the part of the regular > expression that you want to be the name of the group in VCL. I would > suggest: > > for($i = 0; $i < $data[0]['ismemberof']['count']; $i++) { > if(preg_match('/^cn=(vcladmin),ou=group,ou=vcl,o=odu$/', > $data[0]['ismemberof'][$i], $match) || > preg_match('/^cn=(vclimage),ou=group,ou=vcl,o=odu$/', > $data[0]['ismemberof'][$i], $match)) > > If you look at updateEXAMPLE1Groups in the unmodified code, you'll see some > examples that have the ()'s in them. > > preg_match puts the entire matched string into $match[0] and then any sub > matches (items surrounded by ()'s) in $match[1] through $match[n]. > > Josh > > On Tuesday May 18, 2010, Hartl, Gerhard L. wrote: > > Hello all, > > > > I have been scratching my head for a few weeks now and still cannot get > > vcl ldap groups working. I have following the instruction on the mailing > > list regarding setting up the ldap.conf and ldapauth.php and while the > > user is properly authenticated, the groups do not follow. We are using > > OpenDS and the attribute that lists groups that a user is apart of is > > "ismemberof". I have pulled out the updateODUGroups function and > > populated the variables and find that I do get a match. > > > > Here is our match statement: > > > > for($i = 0; $i < $data[0]['ismemberof']['count']; $i++) { > > if(preg_match('/^cn=vcladmin,ou=group,ou=vcl,o=odu$/', > > $data[0]['ismemberof'][$i], $match) || > > preg_match('/^cn=vclimage,ou=group,ou=vcl,o=odu$/', > > $data[0]['ismemberof'][$i], $match)) > > > > This is what $match gets populated with: > > > > Array ( [0] => cn=vclimage,ou=group,ou=vcl,o=odu ) Array ( [0] => > > cn=vcladmin,ou=group,ou=vcl,o=odu ) > > > > Is there a better way to debug this? I am not sure where it is breaking. > > > > Gerhard Hartl > > Old Dominion University | ODU > - -- - ------------------------------- Josh Thompson Systems Programmer Advanced Computing | VCL Developer North Carolina State University josh_thomp...@ncsu.edu 919-515-5323 my GPG/PGP key can be found at pgp.mit.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAkvy8V0ACgkQV/LQcNdtPQOaowCfU8shflOBcSP6KDLLk/O2AnEz 9HsAn29UJeGUDsxBO62sXqXnuowNoiS5 =b1kw -----END PGP SIGNATURE-----
