From 6d7c9f5da72a288a2f1cab577846dfc3265429ed Mon Sep 17 00:00:00 2001 From: Julio Cesar Laura Date: Tue, 27 Nov 2012 16:32:20 -0400 Subject: [PATCH] BUG 9894 Active Directory User Import not working SOLVED - Fields deprecated and wrong default filter for the ldap class - Those parameters are not used, now it is only used the additional filter, with this field you can create the same filters or more complex filters. Also, we've detected that the filter by default we are using the following condition: (objectCategory=person) So, your filter is not working anymore, now we have been removed that condition to search in all objects and if you want to limit the objects on which searches can be done, you have to add your own filter. --- rbac/engine/classes/plugins/class.ldap.php | 8 +- .../templates/authSources/authSourcesEdit.js | 110 ++++++------------ .../authSources/authSourceskindof.js | 76 ++++-------- 3 files changed, 60 insertions(+), 134 deletions(-) diff --git a/rbac/engine/classes/plugins/class.ldap.php b/rbac/engine/classes/plugins/class.ldap.php index 1bd1f1872..55c6357a7 100755 --- a/rbac/engine/classes/plugins/class.ldap.php +++ b/rbac/engine/classes/plugins/class.ldap.php @@ -148,9 +148,9 @@ class LDAP } } $sFilter = '(&(|(objectClass=*))'; - + if ( isset( $aAuthSource['AUTH_SOURCE_DATA']['LDAP_TYPE']) && $aAuthSource['AUTH_SOURCE_DATA']['LDAP_TYPE'] == 'ad' ) { - $sFilter = "(&(|(objectClass=*))(|(samaccountname=$sKeyword)(userprincipalname=$sKeyword))(objectCategory=person))"; + $sFilter = "(&(|(objectClass=*))(|(samaccountname=$sKeyword)(userprincipalname=$sKeyword)))"; } else $sFilter = "(&(|(objectClass=*))(|(uid=$sKeyword)(cn=$sKeyword)))"; 
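Review bot: `$sKeyword` is interpolated directly into the Active Directory filter on the changed line, `(|(samaccountname=$sKeyword)(userprincipalname=$sKeyword))`, and nothing visible in this hunk escapes LDAP filter metacharacters (`*`, `(`, `)`, `\`, NUL), so a keyword containing them can change the structure of the filter. The function starts outside the hunk, so escaping may already happen earlier; if it does not, escape the value per RFC 4515 before building the filter (on PHP 5.6+ `ldap_escape($sKeyword, '', LDAP_ESCAPE_FILTER)`), while keeping any wildcard the caller adds on purpose. Dropping `(objectCategory=person)` also means non-person objects that carry `samaccountname`, such as computer accounts, can now match and be offered for import. The commit message relies on the additional filter to narrow this, but the hunk does not show `AUTH_SOURCE_ADDITIONAL_FILTER` being appended to `$sFilter`, so confirm it is applied to this search.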
@@ -158,7 +158,7 @@ class LDAP //G::pr($sFilter); $aUsers = array(); $oSearch = @ldap_search($oLink, $aAuthSource['AUTH_SOURCE_BASE_DN'], $sFilter, array('dn','uid','samaccountname', 'cn','givenname','sn','mail','userprincipalname','objectcategory', 'manager')); - + if ($oError = @ldap_errno($oLink)) { return $aUsers; } @@ -179,7 +179,7 @@ class LDAP 'sFirstname' => isset($aAttr['givenname']) ? $aAttr['givenname'] : '', 'sLastname' => isset($aAttr['sn']) ? $aAttr['sn'] : '', 'sEmail' => isset($aAttr['mail']) ? $aAttr['mail'] : ( isset($aAttr['userprincipalname'])?$aAttr['userprincipalname'] : '') , - 'sDN' => $aAttr['dn'] ); + 'sDN' => $aAttr['dn'] ); } } while ($oEntry = @ldap_next_entry($oLink, $oEntry)); } diff --git a/workflow/engine/templates/authSources/authSourcesEdit.js b/workflow/engine/templates/authSources/authSourcesEdit.js index d61dba2b9..c066ed5dc 100644 --- a/workflow/engine/templates/authSources/authSourcesEdit.js +++ b/workflow/engine/templates/authSources/authSourcesEdit.js @@ -37,7 +37,7 @@ Ext.onReady(function(){ hiddenName: 'LDAP_TYPE', store: new Ext.data.SimpleStore({ fields: ['ldap','ad'], - data : my_values + data : my_values }), displayField: 'ldap', typeAhead: true, @@ -48,10 +48,8 @@ Ext.onReady(function(){ listeners:{ select: function(c,d,i){ if(i){ - formAuthSourceE.getForm().findField('AUTH_SOURCE_ATTRIBUTES').setValue('cn' + "\n" + 'samaccountname' + "\n" + 'givenname' + "\n" + 'sn' + "\n" + 'userprincipalname' + "\n" + 'telephonenumber'); formAuthSourceE.getForm().findField('AUTH_SOURCE_IDENTIFIER_FOR_USER').setValue('samaccountname'); } else { - formAuthSourceE.getForm().findField('AUTH_SOURCE_ATTRIBUTES').setValue('cn' + "\n" + 'uid' + "\n" + 'givenname' + "\n" + 'sn' + "\n" + 'mail' + "\n" + 'mobile'); formAuthSourceE.getForm().findField('AUTH_SOURCE_IDENTIFIER_FOR_USER').setValue('uid'); } } 
@@ -59,8 +57,8 @@ Ext.onReady(function(){ }); var txtServerName=new Ext.form.TextField({ - id: 'AUTH_SOURCE_SERVER_NAME', - fieldLabel: _('ID_SERVER_NAME'), + id: 'AUTH_SOURCE_SERVER_NAME', + fieldLabel: _('ID_SERVER_NAME'), xtype:'textfield', value:'', width: 200, @@ -75,8 +73,8 @@ Ext.onReady(function(){ }); var txtPort=new Ext.form.TextField({ - id: 'AUTH_SOURCE_PORT', - fieldLabel: _('ID_PORT'), + id: 'AUTH_SOURCE_PORT', + fieldLabel: _('ID_PORT'), xtype:'textfield', value:'389', width: 200, @@ -123,11 +121,11 @@ Ext.onReady(function(){ var txtBaseDN=new Ext.form.TextField({ - id: 'AUTH_SOURCE_BASE_DN', - fieldLabel: _('ID_BASE_DN'), + id: 'AUTH_SOURCE_BASE_DN', + fieldLabel: _('ID_BASE_DN'), xtype:'textfield', value:sUID, - width: 200, + width: 300, autoCreate: {tag: 'input', type: 'text', size: '10', autocomplete: 'off', maxlength: '128'}, allowBlank: false, listeners: { @@ -163,20 +161,20 @@ Ext.onReady(function(){ Ext.getCmp("AUTH_SOURCE_PASSWORD").show(); txtPassword.getEl().up('.x-form-item').setDisplayed(true); }else{ - Ext.getCmp("AUTH_SOURCE_SEARCH_USER").disable(); + Ext.getCmp("AUTH_SOURCE_SEARCH_USER").disable(); Ext.getCmp("AUTH_SOURCE_SEARCH_USER").hide(); txtSearchUser.getEl().up('.x-form-item').setDisplayed(false); - Ext.getCmp("AUTH_SOURCE_PASSWORD").disable(); + Ext.getCmp("AUTH_SOURCE_PASSWORD").disable(); Ext.getCmp("AUTH_SOURCE_PASSWORD").hide(); - txtPassword.getEl().up('.x-form-item').setDisplayed(false); - } + txtPassword.getEl().up('.x-form-item').setDisplayed(false); + } } } }); var txtSearchUser=new Ext.form.TextField({ - id: 'AUTH_SOURCE_SEARCH_USER', - fieldLabel: _('ID_SEARCH_USER'), + id: 'AUTH_SOURCE_SEARCH_USER', + fieldLabel: _('ID_SEARCH_USER'), xtype:'textfield', value:'', width: 200, @@ -191,7 +189,7 @@ Ext.onReady(function(){ var txtPassword=new Ext.form.TextField({ id: 'AUTH_SOURCE_PASSWORD', - fieldLabel: _('ID_CACHE_PASSWORD'), + fieldLabel: _('ID_CACHE_PASSWORD'), xtype:'textfield', inputType:'password', value:'', 
@@ -208,7 +206,7 @@ Ext.onReady(function(){ //Identifier for an imported user var txtIdentifier=new Ext.form.TextField({ id: 'AUTH_SOURCE_IDENTIFIER_FOR_USER', - fieldLabel: _('ID_IDENTIFIER_IMPORT_USER'), + fieldLabel: _('ID_IDENTIFIER_IMPORT_USER'), xtype:'textfield', value:'', width: 200, @@ -221,28 +219,13 @@ Ext.onReady(function(){ } } }); -//Object Classes - var txtaClass=new Ext.form.TextArea({ - id: 'AUTH_SOURCE_OBJECT_CLASSES', - fieldLabel: _('ID_OBJECT_CLASS'), - xtype:'textarea', - value:'*', - width: 200, - allowBlank: false, - listeners: { - 'render': function(c) { - c.getEl().on('keyup', function() { - }, c); - } - } - }); //Additional Filter var txtoAddFilter=new Ext.form.TextField({ id: 'AUTH_SOURCE_ADDITIONAL_FILTER', - fieldLabel: _('ID_ADDITIONAL_FILTER'), + fieldLabel: _('ID_ADDITIONAL_FILTER'), xtype:'textfield', value:'', - width: 200, + width: 300, autoCreate: {tag: 'input', type: 'text', size: '20', autocomplete: 'off', maxlength: '200'}, allowBlank: true, listeners: { @@ -252,21 +235,6 @@ Ext.onReady(function(){ } } }); -//Attributes - var txtAttributes=new Ext.form.TextArea({ - id: 'AUTH_SOURCE_ATTRIBUTES', - fieldLabel: _('ID_ATTRIBUTES'), - xtype:'textArea', - value:'cn' + "\n" + 'uid' + "\n" + 'givenname' + "\n" + 'sn' + "\n" + 'mail' + "\n" + 'mobile', - width: 200, - allowBlank: false, - listeners: { - 'render': function(c) { - c.getEl().on('keyup', function() { - }, c); - } - } - }); //here we are setting the fields fieldsAS = new Ext.form.FieldSet({ title: _('ID_AUTHENTICATION_SOURCE_INF_TITLE'), @@ -274,7 +242,7 @@ Ext.onReady(function(){ txtSourceId, txtName, cboxType, - txtServerName, + txtServerName, txtPort, cboxTLS, cboxVersion, @@ -283,14 +251,12 @@ Ext.onReady(function(){ txtSearchUser, txtPassword , txtIdentifier, - txtaClass, txtoAddFilter, - txtAttributes - ] + ] }); formAuthSourceE = new Ext.FormPanel({ - id:'formAuthSourceE', + id:'formAuthSourceE', labelWidth: 250, labelAlign:'right', autoScroll: true, 
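Review bot: The new `items` array in the `-283,14 +251,12` hunk ends with `txtoAddFilter,` followed directly by `]`, which leaves a trailing comma. Older Internet Explorer versions treat that as an extra `undefined` element, which would likely make the FieldSet fail while building its items, so the edit form might not render there. The matching change in authSourceskindof.js drops the comma; do the same here so the last entry reads `txtoAddFilter`.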
@@ -304,7 +270,7 @@ Ext.onReady(function(){ allowBlank: false, resizable: true, msgTarget: 'side', - align:'center' + align:'center' }, items:[ fieldsAS @@ -312,19 +278,19 @@ Ext.onReady(function(){ buttons: [ { text: _('ID_SAVE'), - handler: saveAuthSources + handler: saveAuthSources }, - { + { text: _('ID_CANCEL'), handler: goback } ] - + }); formAuthSourceE.render(document.body); loadAuthSourceData(sUID, txtSearchUser, txtPassword); - + }); function goback(){ window.location = 'authSources_List'; @@ -334,7 +300,7 @@ Ext.onReady(function(){ url: '../adminProxy/saveAuthSources', params: { // action : 'tryit', - AUTH_SOURCE_UID: formAuthSourceE.getForm().findField('AUTH_SOURCE_UID').getValue(), + AUTH_SOURCE_UID: formAuthSourceE.getForm().findField('AUTH_SOURCE_UID').getValue(), AUTH_SOURCE_NAME: formAuthSourceE.getForm().findField('AUTH_SOURCE_NAME').getValue(), LDAP_TYPE: formAuthSourceE.getForm().findField('LDAP_TYPE').getValue(), AUTH_SOURCE_SERVER_NAME: formAuthSourceE.getForm().findField('AUTH_SOURCE_SERVER_NAME').getValue(), @@ -344,14 +310,12 @@ Ext.onReady(function(){ AUTH_SOURCE_SEARCH_USER: formAuthSourceE.getForm().findField('AUTH_SOURCE_SEARCH_USER').getValue(), AUTH_SOURCE_PASSWORD: formAuthSourceE.getForm().findField('AUTH_SOURCE_PASSWORD').getValue(), AUTH_SOURCE_VERSION: formAuthSourceE.getForm().findField('AUTH_SOURCE_VERSION').getValue(), - AUTH_SOURCE_BASE_DN: formAuthSourceE.getForm().findField('AUTH_SOURCE_BASE_DN').getValue(), - AUTH_SOURCE_OBJECT_CLASSES: formAuthSourceE.getForm().findField('AUTH_SOURCE_OBJECT_CLASSES').getValue(), - AUTH_SOURCE_ATTRIBUTES: formAuthSourceE.getForm().findField('AUTH_SOURCE_ATTRIBUTES').getValue() + AUTH_SOURCE_BASE_DN: formAuthSourceE.getForm().findField('AUTH_SOURCE_BASE_DN').getValue() }, - waitMsg : 'testing...', + waitMsg : _('ID_SAVING'), timeout : 3600, success: function(f,a){ - + resp = Ext.util.JSON.decode(a.response.responseText); if (resp.success){ window.location = 'authSources_List'; 
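Review bot: `waitMsg : _('ID_SAVING')` in the `-344,14 +310,12` hunk depends on a label key that this patch does not add; the diffstat lists only class.ldap.php and the two templates. If `ID_SAVING` is not already defined in the translation data, the wait message will not show the intended text, so confirm the key exists or add it with this change. The same replacement is made in the save request of authSourceskindof.js. The enclosing save function starts and ends outside the hunk.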
@@ -367,7 +331,7 @@ Ext.onReady(function(){ } }); } - + // Load authosource data for the Edit mode function loadAuthSourceData(sUID, txtSearchUser, txtPassword){ Ext.Ajax.request({ @@ -376,7 +340,7 @@ function loadAuthSourceData(sUID, txtSearchUser, txtPassword){ 'action': 'loadauthSourceData', sUID:sUID }, - waitMsg: _('ID_UPLOADING_PROCESS_FILE'), + waitMsg: _('ID_UPLOADING_PROCESS_FILE'), success: function(r,o){ var data = Ext.util.JSON.decode(r.responseText); @@ -388,16 +352,16 @@ function loadAuthSourceData(sUID, txtSearchUser, txtPassword){ Ext.getCmp("AUTH_SOURCE_PASSWORD").show(); txtPassword.getEl().up('.x-form-item').setDisplayed(true); }else{ - Ext.getCmp("AUTH_SOURCE_SEARCH_USER").disable(); + Ext.getCmp("AUTH_SOURCE_SEARCH_USER").disable(); Ext.getCmp("AUTH_SOURCE_SEARCH_USER").hide(); txtSearchUser.getEl().up('.x-form-item').setDisplayed(false); - Ext.getCmp("AUTH_SOURCE_PASSWORD").disable(); + Ext.getCmp("AUTH_SOURCE_PASSWORD").disable(); Ext.getCmp("AUTH_SOURCE_PASSWORD").hide(); - txtPassword.getEl().up('.x-form-item').setDisplayed(false); + txtPassword.getEl().up('.x-form-item').setDisplayed(false); } Ext.getCmp('formAuthSourceE').getForm().setValues({ - + AUTH_SOURCE_UID: data.sources.AUTH_SOURCE_UID, AUTH_SOURCE_NAME: data.sources.AUTH_SOURCE_NAME , LDAP_TYPE: (data.sources.LDAP_TYPE=='ad')?'Active Directory':data.sources.LDAP_TYPE, @@ -410,8 +374,6 @@ function loadAuthSourceData(sUID, txtSearchUser, txtPassword){ AUTH_SOURCE_IDENTIFIER_FOR_USER: data.sources.AUTH_SOURCE_IDENTIFIER_FOR_USER, AUTH_SOURCE_VERSION: data.sources.AUTH_SOURCE_VERSION, AUTH_SOURCE_BASE_DN: data.sources.AUTH_SOURCE_BASE_DN, - AUTH_SOURCE_OBJECT_CLASSES: data.sources.AUTH_SOURCE_OBJECT_CLASSES, - AUTH_SOURCE_ATTRIBUTES:data.sources.AUTH_SOURCE_ATTRIBUTES, AUTH_SOURCE_ADDITIONAL_FILTER:data.sources.AUTH_SOURCE_ADDITIONAL_FILTER }) }, 
diff --git a/workflow/engine/templates/authSources/authSourceskindof.js b/workflow/engine/templates/authSources/authSourceskindof.js index d0512dd36..e7e360500 100644 --- a/workflow/engine/templates/authSources/authSourceskindof.js +++ b/workflow/engine/templates/authSources/authSourceskindof.js @@ -47,7 +47,7 @@ Ext.onReady(function(){ hiddenName: 'LDAP_TYPE', store: new Ext.data.SimpleStore({ fields: ['ldap','ad'], - data : my_values + data : my_values }), displayField: 'ldap', typeAhead: true, @@ -59,10 +59,8 @@ Ext.onReady(function(){ listeners:{ select: function(c,d,i){ if(i){ - formAuthSource.getForm().findField('AUTH_SOURCE_ATTRIBUTES').setValue('cn' + "\n" + 'samaccountname' + "\n" + 'givenname' + "\n" + 'sn' + "\n" + 'userprincipalname' + "\n" + 'telephonenumber'); formAuthSource.getForm().findField('AUTH_SOURCE_IDENTIFIER_FOR_USER').setValue('samaccountname'); } else { - formAuthSource.getForm().findField('AUTH_SOURCE_ATTRIBUTES').setValue('cn' + "\n" + 'uid' + "\n" + 'givenname' + "\n" + 'sn' + "\n" + 'mail' + "\n" + 'mobile'); formAuthSource.getForm().findField('AUTH_SOURCE_IDENTIFIER_FOR_USER').setValue('uid'); } } @@ -71,7 +69,7 @@ Ext.onReady(function(){ var txtServerName=new Ext.form.TextField({ id: 'AUTH_SOURCE_SERVER_NAME', - fieldLabel: _('ID_SERVER_NAME'), + fieldLabel: _('ID_SERVER_NAME'), xtype:'textfield', value:'', width: 200, @@ -87,7 +85,7 @@ Ext.onReady(function(){ var txtPort=new Ext.form.TextField({ id: 'AUTH_SOURCE_PORT', - fieldLabel: _('ID_PORT'), + fieldLabel: _('ID_PORT'), xtype:'textfield', value:'389', width: 200, @@ -143,7 +141,7 @@ Ext.onReady(function(){ fieldLabel: _('ID_BASE_DN'), xtype:'textfield', value:'', - width: 200, + width: 300, autoCreate: {tag: 'input', type: 'text', size: '10', autocomplete: 'off', maxlength: '128'}, allowBlank: false, listeners: { 
@@ -181,20 +179,20 @@ Ext.onReady(function(){ Ext.getCmp("AUTH_SOURCE_PASSWORD").show(); txtPassword.getEl().up('.x-form-item').setDisplayed(true); }else{ - Ext.getCmp("AUTH_SOURCE_SEARCH_USER").disable(); + Ext.getCmp("AUTH_SOURCE_SEARCH_USER").disable(); Ext.getCmp("AUTH_SOURCE_SEARCH_USER").hide(); txtSearchUser.getEl().up('.x-form-item').setDisplayed(false); - Ext.getCmp("AUTH_SOURCE_PASSWORD").disable(); + Ext.getCmp("AUTH_SOURCE_PASSWORD").disable(); Ext.getCmp("AUTH_SOURCE_PASSWORD").hide(); txtPassword.getEl().up('.x-form-item').setDisplayed(false); - } + } } } }); var txtSearchUser=new Ext.form.TextField({ id: 'AUTH_SOURCE_SEARCH_USER', - fieldLabel: _('ID_SEARCH_USER'), + fieldLabel: _('ID_SEARCH_USER'), xtype:'textfield', value:'', width: 200, @@ -209,7 +207,7 @@ Ext.onReady(function(){ var txtPassword=new Ext.form.TextField({ id: 'AUTH_SOURCE_PASSWORD', - fieldLabel: _('ID_CACHE_PASSWORD'), + fieldLabel: _('ID_CACHE_PASSWORD'), xtype:'textfield', inputType:'password', value:'', @@ -226,7 +224,7 @@ Ext.onReady(function(){ //Identifier for an imported user var txtIdentifier=new Ext.form.TextField({ id: 'AUTH_SOURCE_IDENTIFIER_FOR_USER', - fieldLabel: _('ID_IDENTIFIER_IMPORT_USER'), + fieldLabel: _('ID_IDENTIFIER_IMPORT_USER'), xtype:'textfield', value:'uid', width: 200, @@ -239,28 +237,13 @@ Ext.onReady(function(){ } } }); -//Object Classes - var txtaClass=new Ext.form.TextArea({ - id: 'AUTH_SOURCE_OBJECT_CLASSES', - fieldLabel: _('ID_OBJECT_CLASS'), - xtype:'textarea', - value:'*', - width: 200, - allowBlank: false, - listeners: { - 'render': function(c) { - c.getEl().on('keyup', function() { - }, c); - } - } - }); //Additional Filter var txtoAddFilter=new Ext.form.TextField({ id: 'AUTH_SOURCE_ADDITIONAL_FILTER', fieldLabel: _('ID_ADDITIONAL_FILTER'), xtype:'textfield', value:'', - width: 200, + width: 300, autoCreate: {tag: 'input', type: 'text', size: '20', autocomplete: 'off', maxlength: '200'}, allowBlank: true, listeners: { 
@@ -270,21 +253,6 @@ Ext.onReady(function(){ } } }); -//Attributes - var txtAttributes=new Ext.form.TextArea({ - id: 'AUTH_SOURCE_ATTRIBUTES', - fieldLabel: _('ID_ATTRIBUTES'), - xtype:'textArea', - value:'cn' + "\n" + 'uid' + "\n" + 'givenname' + "\n" + 'sn' + "\n" + 'mail' + "\n" + 'mobile', - width: 200, - allowBlank: false, - listeners: { - 'render': function(c) { - c.getEl().on('keyup', function() { - }, c); - } - } - }); //here we are setting the fields fieldsAS = new Ext.form.FieldSet({ title: _('ID_AUTHENTICATION_SOURCE_INFORMATION'), @@ -302,9 +270,7 @@ Ext.onReady(function(){ txtSearchUser, txtPassword , txtIdentifier, - txtaClass, - txtoAddFilter, - txtAttributes + txtoAddFilter ] }); @@ -333,18 +299,18 @@ Ext.onReady(function(){ { text: _('ID_SAVE'), handler: TestSite - + }, - { + { text: _('ID_CANCEL'), handler: goback } ] - + }); formAuthSource.render(document.body); - + }); function goback(){ window.location = 'authSources_List'; @@ -354,7 +320,7 @@ Ext.onReady(function(){ url: '../adminProxy/saveAuthSources', params: { // action : 'tryit', - AUTH_SOURCE_UID: formAuthSource.getForm().findField('AUTH_SOURCE_UID').getValue(), + AUTH_SOURCE_UID: formAuthSource.getForm().findField('AUTH_SOURCE_UID').getValue(), AUTH_SOURCE_NAME: formAuthSource.getForm().findField('AUTH_SOURCE_NAME').getValue(), LDAP_TYPE: formAuthSource.getForm().findField('LDAP_TYPE').getValue(), AUTH_SOURCE_SERVER_NAME: formAuthSource.getForm().findField('AUTH_SOURCE_SERVER_NAME').getValue(), 
@@ -365,15 +331,13 @@ Ext.onReady(function(){ AUTH_SOURCE_PASSWORD: formAuthSource.getForm().findField('AUTH_SOURCE_PASSWORD').getValue(), AUTH_SOURCE_VERSION: formAuthSource.getForm().findField('AUTH_SOURCE_VERSION').getValue(), AUTH_SOURCE_BASE_DN: formAuthSource.getForm().findField('AUTH_SOURCE_BASE_DN').getValue(), - AUTH_SOURCE_OBJECT_CLASSES: formAuthSource.getForm().findField('AUTH_SOURCE_OBJECT_CLASSES').getValue(), - AUTH_SOURCE_ATTRIBUTES: formAuthSource.getForm().findField('AUTH_SOURCE_ATTRIBUTES').getValue(), AUTH_SOURCE_ADDITIONAL_FILTER: formAuthSource.getForm().findField('AUTH_SOURCE_ADDITIONAL_FILTER').getValue() - + }, - waitMsg : 'testing...', + waitMsg : _('ID_SAVING'), timeout : 3600, success: function(f,a){ - + resp = Ext.util.JSON.decode(a.response.responseText); if (resp.success){ window.location = 'authSources_List';