Group Sync in 1.3.2 & blank spaces in user names

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Group Sync in 1.3.2 & blank spaces in user names

Stefan Woehrer
Is there a known problem with ldap group synchronisation in 1.3.2?

The synchronisation works fine if it's the user's first login (...if the user is created). XWiki maps all AD groups to XWiki groups like it should.

When a admin deletes the user from the XWiki group (without changing anything in the AD) and the user logs in again, XWiki doesn't re-map the AD group membership to the XWiki group membership.

I have set:
xwiki.authentication.ldap.mode_group_sync=always
and for testing purposes:
xwiki.authentication.ldap.groupcache_expiration=60

The xwiki.authentication.ldap.group_mapping settings shall be fine, since it works at least for the first login.

Or do I have to set any other parameters as well? Thank you in advance!

--------

Plus: If the user name contains a blank space (like "AAA BBB") (please don't ask me why.................. ^^), the user itself seems to be created correctly (I can find the user in the "Users" tab in the Administration area), but when I list all members of a group this user belongs to, there are two entries in that list: "XWiki.AAA" and "BBB" (without "XWiki." before)... So there may goes something wrong when creation the relation between the group and the user.

Reply | Threaded
Open this post in threaded view
|

Re: Group Sync in 1.3.2 & blank spaces in user names

Thomas Mortagne
Administrator
Hi

On Thu, Jul 24, 2008 at 5:29 PM, Stefan Woehrer <[hidden email]> wrote:

>
> Is there a known problem with ldap group synchronisation in 1.3.2?
>
> The synchronisation works fine if it's the user's first login (...if the
> user is created). XWiki maps all AD groups to XWiki groups like it should.
>
> When a admin deletes the user from the XWiki group (without changing
> anything in the AD) and the user logs in again, XWiki doesn't re-map the AD
> group membership to the XWiki group membership.
>
> I have set:
> xwiki.authentication.ldap.mode_group_sync=always
> and for testing purposes:
> xwiki.authentication.ldap.groupcache_expiration=60
>
> The xwiki.authentication.ldap.group_mapping settings shall be fine, since it
> works at least for the first login.
>
> Or do I have to set any other parameters as well? Thank you in advance!

Your configuration seems correct to me. The only problem I know about
group synchronization in 1.3.2 append only when there is a something
on LDAP side that makes XWiki fail to get the LDAP groups from LDAP
(client/server network problem, LDAP user don't have rights to list
groups, etc.).

Don't you have any error in the log file ?

>
> --------
>
> Plus: If the user name contains a blank space (like "AAA BBB") (please don't
> ask me why.................. ^^), the user itself seems to be created
> correctly (I can find the user in the "Users" tab in the Administration
> area), but when I list all members of a group this user belongs to, there
> are two entries in that list: "XWiki.AAA" and "BBB" (without "XWiki."
> before)... So there may goes something wrong when creation the relation
> between the group and the user.

AFAIK there is a bug in 1.4.2 UI that cut group members by character
"," AND " " in group object. I think this has been fixed.

>
>
> --
> View this message in context: http://n2.nabble.com/Group-Sync-in-1.3.2---blank-spaces-in-user-names-tp580506p580506.html
> Sent from the XWiki- Users mailing list archive at Nabble.com.
>
> _______________________________________________
> users mailing list
> [hidden email]
> http://lists.xwiki.org/mailman/listinfo/users
>



--
Thomas Mortagne
_______________________________________________
users mailing list
[hidden email]
http://lists.xwiki.org/mailman/listinfo/users