mahara-contributors team mailing list archive
-
mahara-contributors team
-
Mailing list archive
-
Message #36822
[Bug 1607669] A change has been merged
Reviewed: https://reviews.mahara.org/6758
Committed: https://git.mahara.org/mahara/mahara/commit/1daee33a1ef67a0e0fc0599c67de08896408519e
Submitter: Aaron Wells (aaronw@xxxxxxxxxxxxxxx)
Branch: master
commit 1daee33a1ef67a0e0fc0599c67de08896408519e
Author: Ghada El-Zoghbi <ghada@xxxxxxxxxxxxxxx>
Date: Fri Jul 29 18:40:35 2016 +1000
bug#1607669: Validate the results of ldap_search() and ldap_list() when
syncing users.
When retrieving data from the LDAP server, check the results retrieved from
ldap_search() and ldap_list(). If there is an error, do not continue.
Otherwise, the sync_users() will assume that zero users were retrieved
from LDAP. It will then deleted or suspended users when
'If a user is no longer present in LDAP' is set to either suspend
users or delete them.
behatnotneeded
Change-Id: Ib57901c61f769d96720cf932d2e0d7f643853a56
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1607669
Title:
LDAP user sync incorrectly proceeds when LDAP list or search fails
Status in Mahara:
Fix Committed
Status in Mahara 15.04 series:
In Progress
Status in Mahara 15.10 series:
In Progress
Status in Mahara 16.04 series:
In Progress
Status in Mahara 16.10 series:
Fix Committed
Bug description:
Mahara: 16.04
DB: Postgres
OS: Linux
The LDAP user sync is incorrectly continuing when the search in the
context fails to contact the server.
The following error is generated in the cron.log file:
Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:937) ldap_list(): Search: Can't contact LDAP server
Jul 29 00:01:05 server mahara-site: Call stack (most recent first):
Jul 29 00:01:05 server mahara-site: * log_message("ldap_list(): Search: Can't contact LDAP server", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php", 937)
at /var/www/mahara-site/lib/errors.php:489
Jul 29 00:01:05 server mahara-site: * error(2, "ldap_list(): Search: Can't contact LDAP server", "/var/www/mahara-site/auth/ldap/lib.php", 937, array(size 11)) a
t Unknown:0
Jul 29 00:01:05 server mahara-site: * ldap_list(resource(#87), "ou=people,o=ldapserver.xxx", "(uid=*)", array(size 5)) at /var/www/mahara-site/auth/ldap/lib.php:937
Jul 29 00:01:05 server mahara-site: * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1
121
Jul 29 00:01:05 server mahara-site: * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614
Jul 29 00:01:05 server mahara-site: * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0
Jul 29 00:01:05 server mahara-site: * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714
Jul 29 00:01:05 server mahara-site: * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89
It then proceeds to sync the users:
Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:940) ldap_first_entry() expects parameter 2 to be resource, boolean given
Jul 29 00:01:05 server mahara-site: Call stack (most recent first):
Jul 29 00:01:05 server mahara-site: * log_message("ldap_first_entry() expects parameter 2 to be resou...", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php
", 940) at /var/www/mahara-site/lib/errors.php:489
Jul 29 00:01:05 server mahara-site: * error(2, "ldap_first_entry() expects parameter 2 to be resou...", "/var/www/mahara-site/auth/ldap/lib.php", 940, array(size
12)) at Unknown:0
Jul 29 00:01:05 server mahara-site: * ldap_first_entry(resource(#87), false) at /var/www/mahara-site/auth/ldap/lib.php:940
Jul 29 00:01:05 server mahara-site: * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1121
Jul 29 00:01:05 server mahara-site: * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614
Jul 29 00:01:05 server mahara-site: * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0
Jul 29 00:01:05 server mahara-site: * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714
Jul 29 00:01:05 server mahara-site: * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89
Jul 29 00:01:05 server mahara-site:
Jul 29 00:01:05 server mahara-site: [WAR] 29 (auth/ldap/lib.php:971) ldap_free_result() expects parameter 1 to be resource, boolean given
Jul 29 00:01:05 server mahara-site: Call stack (most recent first):
Jul 29 00:01:05 server mahara-site: * log_message("ldap_free_result() expects parameter 1 to be resou...", 8, true, true, "/var/www/mahara-site/auth/ldap/lib.php", 971) at /var/www/mahara-site/lib/errors.php:489
Jul 29 00:01:05 server mahara-site: * error(2, "ldap_free_result() expects parameter 1 to be resou...", "/var/www/mahara-site/auth/ldap/lib.php", 971, array(size 13)) at Unknown:0
Jul 29 00:01:05 server mahara-site: * ldap_free_result(false) at /var/www/mahara-site/auth/ldap/lib.php:971
Jul 29 00:01:05 server mahara-site: * AuthLdap->ldap_get_users_scalable("auth_ldap_extusers_temp", "extusername", "") at /var/www/mahara-site/auth/ldap/lib.php:1121
Jul 29 00:01:05 server mahara-site: * AuthLdap->sync_users() at /var/www/mahara-site/auth/ldap/lib.php:1614
Jul 29 00:01:05 server mahara-site: * PluginAuthLdap::auth_ldap_sync_cron() at Unknown:0
Jul 29 00:01:05 server mahara-site: * call_user_func_array(array(size 2), array(size 0)) at /var/www/mahara-site/lib/mahara.php:1714
Jul 29 00:01:05 server mahara-site: * call_static_method("PluginAuthLdap", "auth_ldap_sync_cron") at /var/www/mahara-site/lib/cron.php:89
Jul 29 00:01:05 server mahara-site:
Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1122) LDAP users found : 0
Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1169) 0 users known to Mahara
Jul 29 00:01:05 server mahara-site: [INF] 29 (auth/ldap/lib.php:1232) 45161 users no longer in LDAP
Because we've set the sync to suspend users, all LDAP users are then
suspended.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1607669/+subscriptions
References