-
Bug
-
Resolution: Fixed
-
Minor
-
2.9
-
MOODLE_29_STABLE
-
MOODLE_31_STABLE, MOODLE_32_STABLE
-
wip_master_mdl-50625_ldap_better_check_paged_results_support
-
The LDAP synchronisation scripts for users and enrolments (i.e. auth/ldap/cli/sync_users.php and enrol/ldap/cli/sync.php) use LDAP pagination control (page size). As far as I can tell this functionality is an extension to LDAPv3, not mandatory. If the LDAP server does not support this extension when you try to do the search you get the error "Critical extension is unavailable". Note that this error occurs on the call to PHP function ldap_list() or ldap_search() not the call to ldap_control_paged_result().
The LDAP enrolment plugin allows you to set a blank value for page size (enrol_ldap | pagesize). This causes the PHP function ldap_control_paged_result() to generate a warning and not send the pagination control request with the result that the LDAP query succeeds.
However, the LDAP authentication plugin does not allow a blank value (it's changed to 0) with the result that the ldap_control_paged_result() call works and the LDAP query consequently fails.
I suggest that this is a bug as Moodle is asserting that page control must be present if the server is LDAPv3 (see /lib/ldaplib.php:ldap_paged_results_supported()) whereas RFC-2696 says this is an extension to LDAPv3 making this an invalid assumption.
I think that both enrolment and authentication plugins should allow a blank value for page size and not call ldap_control_paged_result() if the value is empty.
- caused a regression
-
MDL-29536 CAS / LDAP server unavailable caused large timeouts
- Closed
-
MDL-58193 Ldap configuration not accessable when ldap server is not reachable
- Closed
-
MDL-58286 enrol_ldap incorrectly concludes that pagination is not supported
- Closed
-
MDL-58847 Synchronization script (enrol/ldap/lib.php) have problems with the courses that have a lot of users to sync (more than 1000)
- Closed
- has been marked as being related by
-
MDL-51216 LDAP course enrolment not working after upgrade
- Closed
- has to be done before
-
MDL-57558 ldap_get_entries_moodle() doesn't lowercase attribute names used as keys in the returned array.
- Closed