SID-01827: LDAP format FIELDLIST not returning anything useful

Status:	Answered	TWiki version:	6.0.0	Perl version:	v5.14.2
Category:	LdapPlugin	Server OS:	FreeBSD 9.1-RELEASE	Last update:	12 years ago

Hi,

I'm trying to find out what valid attributes may I retrieve from an AD server (because $department and $title doesn't seem to work) and I'm trying it like so:

%LDAP{ filter="(&(objectClass=organizationalPerson)(sAMAccountName=csaba.szilveszter))" format="FIELDLIST" }%

It returns: FIELDLIST. Shouldn't it expand to a fieldlist or something?

-- Csaba Szilveszter - 2013-11-19

Discussion and Answer

The LDAP settings are likely not configured properly. Turn on the debug flag.

-- Peter Thoeny - 2013-11-19

TWiki can retrieve the $cn $mail $manager values correctly. Authentification through LDAP works. It's just the $department and $title that don't seem to expand. Ah and FIELDLIST doesn't get me the valid fields either.

But I'm ashamed not to have thought of debugging first. So let me remedy this: /var/log/httpd-error.log

[Wed Nov 20 10:40:08 2013] [error] [client 172.18.65.22] - LdapContrib - cacheAge=517419, maxCacheAge=86400, lastUpdate=1384419389, refresh=1
[Wed Nov 20 10:40:08 2013] [error] [client 172.18.65.22] - LdapContrib - WARNING: already refreshing cache
[Wed Nov 20 10:40:09 2013] [error] [client 172.18.65.22] - LdapContrib - called search(filter=(&(objectClass=organizationalPerson)(sAMAccountName=csaba.szilveszter)), base=DC=XX,DC=XXXXXXX,DC=XXXXX, scope=sub, limit=0, attrs=*)
[Wed Nov 20 10:40:09 2013] [error] [client 172.18.65.22] - LdapContrib - called connect
[Wed Nov 20 10:40:09 2013] [error] [client 172.18.65.22] - LdapContrib - proxy bind using CN=XXXXX,CN=XXXXX,DC=XX,DC=XXXXXXX,DC=XXXXX
[Wed Nov 20 10:40:09 2013] [error] [client 172.18.65.22] - LdapContrib - found 1 entries
[Wed Nov 20 10:40:09 2013] [error] [client 172.18.65.22] - LdapContrib - called disconnect()
[Wed Nov 20 10:40:10 2013] [error] [client 172.18.65.22] - LdapUserMapping - called eachGroupMember(TWikiAdminGroup)

Doesn't seem to help although.

-- Csaba Szilveszter - 2013-11-20

I've managed to get the values $title, $manager and even $physicalDeliveryOfficeName by changing the ldap port in configure from 3268 to 389.

But FIELDLIST is still not working and I'm out of ideas...

-- Csaba Szilveszter - 2013-11-20

I am glad that you can now get the values. Not sure about FIELDLIST. If you think this is a bug you can file a report at TWikibug:LdapPlugin.

-- Peter Thoeny - 2013-11-20

Thanks for the replies... TWikibug:Item7387 documented.

-- Csaba Szilveszter - 2013-11-21

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.