Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix LDAP login for LDAP servers which require a full DN for binding #6773

Open
wants to merge 1 commit into
base: hotfix-7.10.x
Choose a base branch
from
Open

Fix LDAP login for LDAP servers which require a full DN for binding #6773

wants to merge 1 commit into from

Conversation

lazka
Copy link
Contributor

@lazka lazka commented Jan 17, 2019

Description

ldap_rdn_lookup() tries to bind with the username, the admin username and finally
anonymously, and then gives up. If that succeeds and it finds the username it will
try to bind with the username and if that fails with the full DN.

In our case (Microsoft LDAP) the server only allows binding with a full DN and not
anonymously, so ldap_rdn_lookup() fails and the full DN is never tried.

To fix this try binding with the full DN everywhere instead of just at the end.

Motivation and Context

I'd like to use SuiteCRM with our existing LDAP server.

How To Test This

Not sure.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Final checklist

  • My code follows the code style of this project found here.
  • My change requires a change to the documentation.
  • I have read the How to Contribute guidelines.

@codecov-io
Copy link

codecov-io commented Jan 17, 2019
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (hotfix-7.10.x@45c829c). Click here to learn what that means.
The diff coverage is 0%.

@@               Coverage Diff                @@
##             hotfix-7.10.x    #6773   +/-   ##
================================================
  Coverage                 ?    7.31%           
================================================
  Files                    ?     3735           
  Lines                    ?   386814           
  Branches                 ?        0           
================================================
  Hits                     ?    28294           
  Misses                   ?   358520           
  Partials                 ?        0

@jack7anderson7 jack7anderson7 added the PR:Community Contribution These are contribution made by the community label Jan 17, 2019
@lazka
Fix LDAP login for LDAP servers which require a full DN for binding
2e5a0ae 
ldap_rdn_lookup() tries to bind with the username, the admin username and finally
anonymously, and then gives up. If that succeeds and it finds the username it will
try to bind with the username and if that fails with the full DN.

In our case (Microsoft LDAP) the server only allows binding with a full DN and not
anonymously, so ldap_rdn_lookup() fails and the full DN is never tried.

To fix this try binding with the full DN everywhere instead of just at the end.
@salesagility salesagility deleted a comment Mar 12, 2019
@SuiteBot
Copy link

SuiteBot commented Aug 27, 2020
edited
Loading

CLA assistant check
All committers have signed the CLA.

@mattlorimer mattlorimer force-pushed the hotfix-7.10.x branch 2 times, most recently from 3149dea to ab954a4 Compare October 28, 2020 17:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
PR:Community Contribution These are contribution made by the community
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@lazka @codecov-io @SuiteBot @jack7anderson7