[TYPO3] LDAP Sync on Typo3 4.0 problem

R. van Twisk typo3 at rvt.dds.nl
Tue Jul 4 00:35:44 CEST 2006


Bing Du wrote:
> Bing Du wrote:
>   
>> Hi,
>>
>> Typo3 4.0.
>> ldap_sync 0.2.1
>> ldap_lib 0.2.0
>> ldap_server 0.2.1
>> ldap_auth 0.2.1
>>
>> When I clicked Web->LDAP Sync, and then the 'FE Users and LDAP' 
>> sysFolder in the page tree, I have no problem seeing the defined ldap 
>> server listed.  However, clicking either 'Do Sync' or 'Simulate Sync' 
>> button doesn't make anything happen.  Where can I find more information 
>> on what LDAP Sync is doing?  Is it an LDAP connection problem or some 
>> problem that prevents user info from being pulled out of the LDAP server 
>> (OpenLDAP)?
>>
>> The following is the ldap_server (OpenLDAP) config:
>>
>> Enable for backend authentication checkbox: checked
>> Servername: xxx.xxx.xxx.xx:389
>> ServerType: x500(OpenLDAP)
>> LDAP protocol version: 3
>> Base DN: DC=some,DC=edu
>> Filter for persons: (&(objectClass=*)(uid=###USERNAME###))
>> Configuration:
>> ==
>> FEusers = LDAP_SYNC
>> FEusers {
>>   enable = 1
>>   handleNotFound = 0
>>   table = fe_users
>>   pid = 56
>>   uniqueField = tx_ldapserver_dn
>>   fields {
>>     username = MAP_OBJECT
>>     username.attribute = uid
>>     username.userFunc = tx_ldapserver->getSingleValue
>>
>>     company = MAP_OBJECT
>>     company.attribute = isuPersonDeptName
>>     company.userFunc = tx_ldapserver->getSingleValue
>>
>>     name = MAP_OBJECT
>>     name.attribute = displayName
>>     name.userFunc = tx_ldapserver->getSingleValue
>>
>>     email = MAP_OBJECT
>>     email.attribute = mail
>>     email.userFunc = tx_ldapserver->getSingleValue
>>
>>     country = MAP_OBJECT
>>     country.attribute = co
>>     country.userFunc = tx_ldapserver->getSingleValue
>>
>>     telephone = MAP_OBJECT
>>     telephone.attribute = telephoneNumber
>>     telephone.userFunc = tx_ldapserver->getSingleValue
>>
>>     address = MAP_OBJECT
>>     address.attribute = postalAddress
>>     address.userFunc = tx_ldapserver->getSingleValue
>>
>>     tx_ldapserver_dn = MAP_OBJECT
>>     tx_ldapserver_dn.special = DN
>>
>>     password = MAP_OBJECT
>>     password.attribute = userClass
>>     password.include = /data/www/html/site/typo3conf/ext/jm_pubcookie/class.tx_jmpubcookie.php
>>     password.userFunc = tx_jmpubcookie->randomPassword
>>
>>     usergroup = MAP_OBJECT
>>     usergroup {
>>     attribute = userClass
>>     userFunc = tx_ldapserver->getFEGroups
>>     userFunc {
>>         pid = 56
>>         table = fe_groups
>>         identField = title
>>     }
>>     }
>>
>>
>>   }
>> }
>>
>>
>> BEusers = LDAP_SYNC
>> BEusers {
>>   enable = 1
>>   table = be_users
>>   pid = root
>>   handleNotFound = 0
>>   filter = (&(objectClass=person))
>>   uniqueField = tx_ldapserver_dn
>>   fields {
>>     username = MAP_OBJECT
>>     username.attribute = uid
>>     username.userFunc = tx_ldapserver->getSingleValue
>>
>>     password = MAP_OBJECT
>>     password.attribute = userClass
>>     password.include = /data/www/html/site/typo3conf/ext/jm_pubcookie/class.tx_jmpubcookie.php
>>     password.userFunc = tx_jmpubcookie->randomPassword
>>
>>     realName = MAP_OBJECT
>>     realName.attribute = displayName
>>     realName.userFunc = tx_ldapserver->getSingleValue
>>
>>     email = MAP_OBJECT
>>     email.attribute = mail
>>     email.userFunc = tx_ldapserver->getSingleValue
>>
>>     tx_ldapserver_dn = MAP_OBJECT
>>     tx_ldapserver_dn.special = DN
>>
>>     usergroup = MAP_OBJECT
>>     usergroup {
>>     attribute = userClass
>>     userFunc = tx_ldapserver->getBEGroups
>>     userFunc {
>>         pid = root
>>         table = be_groups
>>         identField = title
>>     }
>>     }
>>   }
>> }
>>
>> FEgroups < FEusers
>> FEgroups {
>>     table = fe_groups
>>         handleNotFound = 0
>>     filter = objectClass=userClass
>>     fields {
>>         username >
>>         email >
>>         name >
>>         password >
>>         usergroup >
>>                 company >
>>                 telephone >
>>                 country >
>>         title = MAP_OBJECT
>>         title.attribute = userClass
>>         title.userFunc = tx_ldapserver->getSingleValue
>>     }
>> }
>>
>>
>> BEgroups < FEusers
>> BEgroups {
>>         pid = root
>>     table = be_groups
>>     handleNotFound = 0
>>     filter = objectClass=userClass
>>     fields {
>>         username >
>>         email >
>>         name >
>>         password >
>>         usergroup >
>>                 company >
>>                 telephone >
>>                 country >
>>         title = MAP_OBJECT
>>         title.attribute = userClass
>>         title.userFunc = tx_ldapserver->getSingleValue
>>     }
>> }
>>
>> FEauth = LDAP_AUTH
>> FEauth {
>>   enable = 1
>>   table = fe_users
>>   SSO = 1
>>   SSO.10.include = /data/www/html/site/typo3conf/ext/jm_pubcookie/class.tx_jmpubcookie.php
>>   SSO.10.userFunc = tx_jmpubcookie->pubcookieUser
>>   sync < FEusers
>> }
>>
>> BEauth < FEauth
>> BEauth {
>>   table = be_users
>>   SSO = 1
>>   SSO.10.include = /data/www/html/site/typo3conf/ext/jm_pubcookie/class.tx_jmpubcookie.php
>>   SSO.10.userFunc = tx_jmpubcookie->pubcookieUser
>>   sync < BEusers
>> }
>> ==
>>
>> If I changed the OpenLDAP server to an AD server, the LDAP Sync module 
>> cannot list the LDAP server at all.  But on the other side, the 
>> following configuration works great on the same server for us.
>>
>> Typo3 3.8.1
>> ldap_lib 0.2.0
>> ldap_server 0.2.0
>> ldap_auth 0.2.0
>> ldap_sync 0.2.0
>>
>> Anybody have any clue what might be wrong?  I'd appreciate any help.
>>
>> Thanks,
>>
>> Bing
>>     
>
>  From my testing, seems like if the ldap server is listed fine in LDAP 
> Sync, the LDAP connection is fine.  Now the problem is the user info 
> pulled from the LDAP is not written in the be_* and fe_* tables in the 
> database.  Is there any other option that needs to be turned on outside 
> of the ldap_lib, ldap_server, ldap_auth and ldap_sync extensions in 
> order to use ldap authentication?
>
> Bing

Hey Bing,

I just happened to do just that last weekend.
Can you check the RAW database tables to see if users are added? (if you don't 
see an error).

It more or less worked out of the box here...

Ries




