Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-6060

Automatically assign creator LDAP does not work if a comma is in the DN

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 1.6
    • Fix Version/s: 1.8, 1.9
    • Component/s: Authentication
    • Labels:
      None
    • Environment:
      All
    • Database:
      Any
    • Affected Branches:
      MOODLE_16_STABLE
    • Fixed Branches:
      MOODLE_18_STABLE, MOODLE_19_STABLE

      Description

      Please look at the discussion from http://moodle.org/mod/forum/discuss.php?d=35865

      LDAP creator does not work with MSAD when there is a comma in the DN that is not a part of the path.

      In /auth/ldap/lib.php:

      Near line 1386 the php function ldap_get_dn is used to obtain the dn of a user account if in this user?s dn there is a comma (my example is ?cn=Bromley, James,ou=tech center,dc=mydomain,dc=com?) it is escaped with only one backslash. Then it is fed to ldap_read near line 1261. The problem is ldap_read needs the comma escaped with two backslashes. So: ?cn=Bromley, James,ou=tech center,dc=mydomain,dc=com? needs to become ?cn=Bromley\, James,ou=tech center,dc=mydomain,dc=com?).

      I could not find mention to this in the PHP website or on Mosilla?s website, except for another user pointing out in the comments of ldap_rename that things had to be escaped with two backslashes.

      A particularly helpful moodler Iñaki Arenaza found the actual cause for it not working and sujested this work aroung until a patch was available, replace the if block for if ($CFG->ldap_memberattribute_isdn) with the following:

      if ($CFG->ldap_memberattribute_isdn) {

      $username=auth_ldap_find_userdn($ldapconnection, $username);

      if (! $username )

      { return $result; }

      $username = preg_replace ('/
      ,/', '\\\\,', $username);

      }

      James Bromley

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              skodak Petr Skoda
              Reporter:
              imported Imported
              Tester:
              Nobody Nobody
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias, Sujith Haridasan
              Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                31/Mar/07