[ZendTo] 4.99-6 : LDAP admin accounts and accents in organization name

carré, denis d.carre at maine-et-loire.fr
Tue Jan 16 10:19:19 GMT 2018


Hi Stephane, hi Jules,

thanks for your replies.

Problem is that, in all our web apps or windows session login, we ask our users to sign-in with their complete userprincipalname (since we switched  to Office 365), including the suffix.

I Can’t neither force a suffix in preferences.php, as we use different suffixes …

And, as stated :


  1.  Authentication actually works fine like this,
  2.  Just the Admin rights part doesn’t work (while it was OK previously with 4.11)…




Réponse ou transfert de la part de Denis CARRE
De : Jules [mailto:Jules at Zend.To]
Envoyé : mardi 16 janvier 2018 11:14
À : carré, denis <d.carre at maine-et-loire.fr>; ZendTo Users <zendto at Zend.To>
Objet : Re: [ZendTo] 4.99-6 : LDAP admin accounts and accents in organization name

Denis,

I wouldn't normally advise putting the "@domain.com" part in there.
Your users shouldn't need to enter that in addition to their username when they login, either.

Have you tried getting ldapsearch to produce valid answers without including the @domain.com part? That test should give you a BaseDN where you don't need it.

Cheers,
Jules.
On 16/01/2018 09:56, carré, denis wrote:
Hi Jules, thanks for your reply.

That’s what I did, I tried both :

'authLDAPAdmins'            => array(‘login1 at domain.com<mailto:login1 at domain.com>,’login2 at domain.com<mailto:login2 at domain.com>’),

'authAdmins'   => array(‘login1 at domain.com<mailto:login1 at domain.com>,’login2 at domain.com<mailto:login2 at domain.com>’),

But that doesn’t give me admin rights. I can login with both, but I’m logged as a standard user.

This config is working ok with my current (4.11) production version though….


Réponse ou transfert de la part de Denis CARRE
De : Jules [mailto:Jules at Zend.To]
Envoyé : mardi 16 janvier 2018 10:51
À : ZendTo Users <zendto at Zend.To><mailto:zendto at Zend.To>; carré, denis <d.carre at maine-et-loire.fr><mailto:d.carre at maine-et-loire.fr>
Objet : Re: [ZendTo] 4.99-6 : LDAP admin accounts and accents in organization name

Denis,

Try just putting your admin usernames into the preferences.php setting
    'authAdmins'
That certainly should work.

Thanks for the report about the organisation name, I will take a look. It sounds like the international characters may be getting squashed before the org name is stored.

Cheers,
Jules.
On 16/01/2018 09:09, carré, denis wrote:
Hi,

Many thanks for the work made so far. I installed yesterday latest beta (4.99-6) and almost everything seems quite good (I’m currently using a goold old 4.11 version, as I made a lot of translation work that I couldn’t easily reproduce when upgrading). I made a few changes in the french translation, but that’s a question of personnal taste.

From what I tried so far, the only problem with french accents I noticed are with the organisation name : The accent in the organization name disappears in the dropoff summary and in the emails (I can send screenshot by private message if needed)

The other problem I have is regarding LDAP admin accounts. I use the same LDAP config than I was previously using with 4.11 version, it works good (authentication against AD is working), but ADMIN ldap accounts don’t seem to be recognized any more (seen as standard users).

Regards,

Denis








_______________________________________________

ZendTo mailing list

ZendTo at zend.to<mailto:ZendTo at zend.to>

http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto




Jules



--

Julian Field MEng CEng CITP MBCS MIEEE MACM



'Always do sober what you said you'd do drunk. That will teach you

 to keep your mouth shut.' - Ernest Hemingway



www.Zend.To<http://www.Zend.To>

Twitter: @JulesFM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



Jules



--

Julian Field MEng CEng CITP MBCS MIEEE MACM



'Named must your fear be before banish it you can.' - Yoda



www.Zend.To<http://www.Zend.To>

Twitter: @JulesFM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20180116/be3bc6eb/attachment-0001.html 


More information about the ZendTo mailing list