Fix ldap:check-user method for newly created LDAP users#30938
Fix ldap:check-user method for newly created LDAP users#30938
Conversation
|
@goyome Does this answer your problem? Can you test it? |
|
/rebase |
59b5abe to
58da2ea
Compare
|
Hi @come-nc , thanks for the investigation but it still doesn't work for me $this->backend->userExistsOnLDAP($uid, true) returns nothing while $this->backend->loginName2UserName($uid) seems to do the job… |
|
@goyome Thank you for testing. The thing is that ldap:check-user, as most occ user related commands, is expecting an internal nextcloud username, but a non-mapped yet user has none. $ add_ldap_user_in_docker.sh newuser3
adding new entry "cn=newuser3,ou=people,dc=planetexpress,dc=com"
$ docker exec /nextcloud_nextcloud_1 occ ldap:check-user "cn=newuser3,ou=people,dc=planetexpress,dc=com" --update
The user is still available on LDAP.
entryuuid:
44d09de6-195c-103c-99ca-c3b0c166a522
dn:
cn=newuser3,ou=people,dc=planetexpress,dc=com
uid:
newuser3
mail:
[email protected]
cn:
newuser3An other option seem to be using a search first to trigger the mapping, but this only works if the search is not yet cached: $ add_ldap_user_in_docker.sh newuser4
adding new entry "cn=newuser4,ou=people,dc=planetexpress,dc=com"
$ docker exec /nextcloud_nextcloud_1 occ ldap:search newuser
newuser1 (newuser1)
newuser2 (newuser2)
newuser3 (newuser3)
newuser4 (newuser4)
$ docker exec /nextcloud_nextcloud_1 occ ldap:check-user newuser4 --update
The user is still available on LDAP.
entryuuid:
92d0c9a8-195c-103c-99cb-c3b0c166a522
dn:
cn=newuser4,ou=people,dc=planetexpress,dc=com
uid:
newuser4
mail:
[email protected]
cn:
newuser4
$ add_ldap_user_in_docker.sh newuser5
adding new entry "cn=newuser5,ou=people,dc=planetexpress,dc=com"
$ docker exec /nextcloud_nextcloud_1 occ ldap:search newuser
newuser1 (newuser1)
newuser2 (newuser2)
newuser3 (newuser3)
newuser4 (newuser4)
$ docker exec /nextcloud_nextcloud_1 occ ldap:check-user newuser5 --update
The given user is not a recognized LDAP user. |
|
Thanks @come-nc, that was it. Maybe you should specify that we have to use dn in the description of the --update option or use element of config (ldap_base_users and ldap_login_filter/ldap_expert_username_attr) to create the dn from the uid |
b08719f to
26b9ef5
Compare
|
@blizzz Could you have review on this one, because in the end I had to change a bit fetching to make sure it worked with a user DN as for a non-yet-mapped user there is no owncloud_name yet. |
Signed-off-by: Côme Chilliet <[email protected]>
…ser.php Co-authored-by: Carl Schwan <[email protected]> Signed-off-by: Côme Chilliet <[email protected]>
Signed-off-by: Côme Chilliet <[email protected]>
Signed-off-by: Côme Chilliet <[email protected]>
26b9ef5 to
44680b5
Compare
|
/backport to stable23 |
|
/backport to stable22 |
This completes #29837 by also ignoring cache for newly created users instead of only newly deleted users.
This replaces #29837 (and #29326 and #29451) and should fix #27948
Signed-off-by: Côme Chilliet [email protected]