[racktables-users] Bug & solution regarding LDAP groups & autotags

  • From: "Joep Ingen, van" <j.vaningen@xxxxxxxxxx>
  • To: <racktables-users@xxxxxxxxxxxxx>
  • Date: Mon, 17 May 2010 13:34:26 +0200

Hi list,
 
For a few days I've been trying to get the auto tags working for LDAP groups 
with our LDAP (eDirectory).
To get this function working I had to make a few modifications:
 
* eDirectory does not by default map the group memberships to the LDAP 
attribute 'memberof'. Therefore, make an attribute mapping in the object holding 
the 'LDAP Group' class; map 'Group Membership' (NDS) to 'memberof' (LDAP).
 
* Modify the file ./inc/auth.php at line 366 to change how it checks for the 
group's 'CN'. At our site, the part 'cn=' in the grouplist is in lowercase and 
RackTables only looks for uppercase. I've made a small modification to bypass 
this. See the patch file attached. The change is made in RackTables 0.17.10.
 
I do not know if this counts as a bug, but I thought it was worth mentioning.
 
Regards,
 
Joep van Ingen

Index: auth.php
===================================================================
--- auth.php    (revision 189)
+++ auth.php    (working copy)
@@ -363,7 +363,7 @@
                                foreach (explode (',', 
$info[0]['memberof'][$i]) as $pair)
                                {
                                        list ($attr_name, $attr_value) = 
explode ('=', $pair);
-                                       if ($attr_name == 'CN' and validTagName 
('$lgcn_' . $attr_value, TRUE))
+                                       if (strtoupper($attr_name) == 'CN' and 
validTagName ('$lgcn_' . $attr_value, TRUE))
                                                $ret['memberof'][] = '$lgcn_' . 
$attr_value;
                                }
        }
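
Review bot: the `explode ('=', $pair)` that feeds the changed `if` still assumes every comma-separated piece of the DN is a clean `name=value` pair, so making the `CN` comparison case-insensitive covers only part of what a DN can contain. A piece with a space after the comma, an escaped comma inside a value, or a value containing `=` will be split wrongly or leave `$attr_value` unset; consider `explode ('=', $pair, 2)` with `trim()` on the name, and `strcasecmp ($attr_name, 'CN') == 0` in place of `strtoupper`. It is also worth a code comment that the loop adds a `$lgcn_` tag for every CN component of the DN and builds it from the value alone, so groups with the same CN in different containers produce the same tag.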
