cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
This question about Using an extension: Answered

WikiName is always imported as the login name

I'm integrating with an OpenLDAP directory. Logins work fine, but I want the WikiName to be displayName normalized (Name Surname normalized to NameSurname), but whatever I configure it, the wikiName will always be the uid used for authorization, which is very non-intuitive to reference users inside the wiki. Is there a known issue or additional trick? I'm using these settings:

$Foswiki::cfg{PasswordManager} = 'Foswiki::Users::LdapPasswdUser';
$Foswiki::cfg{Ldap}{SecondaryPasswordManager} = 'Foswiki::Users::HtPasswdUser';
$Foswiki::cfg{Ldap}{Host} = 'whatever';
$Foswiki::cfg{Ldap}{Port} = whatever;
$Foswiki::cfg{Ldap}{LoginAttribute} = 'uid';
$Foswiki::cfg{Ldap}{WikiNameAttribute} = 'cn,sn';
$Foswiki::cfg{Ldap}{NormalizeWikiNames} = 1;
$Foswiki::cfg{Ldap}{Version} = '3';
$Foswiki::cfg{Ldap}{Base} = 'dc=local,dc=loc';
$Foswiki::cfg{Ldap}{BindDN} = '';
$Foswiki::cfg{Ldap}{BindPassword} = '';
$Foswiki::cfg{Ldap}{UseSASL} = 0;
$Foswiki::cfg{Ldap}{SASLMechanism} = 'PLAIN CRAM-MD5 EXTERNAL ANONYMOUS';
$Foswiki::cfg{Ldap}{UseTLS} = 0;
$Foswiki::cfg{Ldap}{TLSSSLVersion} = 'tlsv1';
$Foswiki::cfg{Ldap}{TLSVerify} = 'require';
$Foswiki::cfg{Ldap}{TLSCAPath} = '';
$Foswiki::cfg{Ldap}{TLSCAFile} = '';
$Foswiki::cfg{Ldap}{TLSClientCert} = '';
$Foswiki::cfg{Ldap}{TLSClientKey} = '';
$Foswiki::cfg{Ldap}{Debug} = 1;
$Foswiki::cfg{Ldap}{UserBase} = 'ou=people,dc=local,dc=loc';
$Foswiki::cfg{Ldap}{LoginFilter} = 'objectClass=posixAccount';
$Foswiki::cfg{Ldap}{NormalizeLoginNames} = 0;
$Foswiki::cfg{Ldap}{WikiNameAliases} = '';
$Foswiki::cfg{Ldap}{AllowChangePassword} = 0;
$Foswiki::cfg{Ldap}{GroupBase} = 'ou=group,dc=my,dc=domain,dc=com';
$Foswiki::cfg{Ldap}{PrimaryGroupAttribute} = 'gidNumber';
$Foswiki::cfg{Ldap}{WikiGroupsBackoff} = 1;
$Foswiki::cfg{Ldap}{NormalizeGroupNames} = 0;
$Foswiki::cfg{Ldap}{RewriteGroups} = {};
$Foswiki::cfg{Ldap}{MergeGroups} = 0;
$Foswiki::cfg{Ldap}{MaxCacheAge} = 86400;
$Foswiki::cfg{Ldap}{PageSize} = 500;
$Foswiki::cfg{Ldap}{Exclude} = 'WikiGuest, ProjectContributor, RegistrationAgent, UnknownUser, AdminGroup, NobodyGroup';

(full config attached)

However, the cache file seems to be ok, when I grep for my surname on it:

rbpereira
W2U::RodrigoPereira
rbpereira
DN2U::uid=rbpereira,ou=People,dc=local,dc=loc
RodrigoPereira
U2W::rbpereira
rbpereira@whatever
U2EMAIL::rbpereira
uid=rbpereira,ou=People,dc=local,dc=loc
U2DN::rbpereira
rbpereira
EMAIL2U::rbpereira@whatever

W2U does seem to be right though..

TIA

-- RodrigoPereira - 15 Nov 2009

You might need a space between cn and sn.

$Foswiki::cfg{Ldap}{WikiNameAttribute} = 'cn, sn';

After changing this setting you might have to refresh your LDAP cache for it to take effect.

-- MartinKaufmann - 18 Nov 2009

Thanks Martin. Tried that, but same result. I've also tried with a single attribute displayName which is the same as "cn sn". I've tried to wipe out the cache completely too, but same.

-- RodrigoPereira - 20 Nov 2009

I just had a look at your config file. Looks like you have the wrong UserMappingManager defined. You have to set it to LdapUserMapping:
$Foswiki::cfg{UserMappingManager} = 'Foswiki::Users::LdapUserMapping';
-- MartinKaufmann - 20 Nov 2009

Yes, that was it! Thank you so much!

-- RodrigoPereira - 21 Nov 2009

QuestionForm edit

Subject Using an extension
Extension LdapContrib
Version Foswiki 1.0.7
Status Answered
Topic attachments
I Attachment Action Size Date Who Comment
LocalSite.cfgcfg LocalSite.cfg manage 18 K 18 Nov 2009 - 04:05 RodrigoPereira Full foswiki config file
Topic revision: r7 - 21 Nov 2009, RodrigoPereira - This page was cached on 15 Aug 2018 - 20:58.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy