php sync_users.php -i='myInstitution' -f=mail=*
Thanks for your collaboration
]]>I have verified that some users don't have mail
[INF] dd (auth/ldap/lib.php:2081) ---------- started institution user sync for institution "myInstitution" at Mon, 26 Sep 2016 08:48:08 +0200 ----------
[INF] dd (auth/ldap/lib.php:1087) ---------- started usersync for instance 3 at Mon, 26 Sep 2016 08:48:08 +0200 ----------
[INF] dd (auth/ldap/lib.php:924) retrieving these fields: givenName,sn,mail,mailNickname,cn,sAMAccountName
[INF] dd (auth/ldap/lib.php:924)
.[WAR] dd (auth/ldap/lib.php:966) Ldap record contained no mail field to map to DB email
Call stack (most recent first):
* log_message(string(size 54), integer, true, true) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:95
* log_warn(string(size 54)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:966
* AuthLdap->ldap_get_users_scalable(string(size 23), string(size 11), string(size 274)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:1133
* AuthLdap->sync_users(false) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:2119
* auth_ldap_sync_users(string(size 5), null, null, null, null, null, null) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/cli/sync_users.php:175
[WAR] dd (auth/ldap/lib.php:966) Ldap record contained no mailnickname field to map to DB studentid
Call stack (most recent first):
* log_message(string(size 66), integer, true, true) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:95
* log_warn(string(size 66)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:966
* AuthLdap->ldap_get_users_scalable(string(size 23), string(size 11), string(size 274)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:1133
* AuthLdap->sync_users(false) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:2119
* auth_ldap_sync_users(string(size 5), null, null, null, null, null, null) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/cli/sync_users.php:175
[WAR] dd (auth/ldap/lib.php:966) Ldap record contained no mail field to map to DB email
Call stack (most recent first):
* log_message(string(size 54), integer, true, true) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:95
* log_warn(string(size 54)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:966
* AuthLdap->ldap_get_users_scalable(string(size 23), string(size 11), string(size 274)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:1133
* AuthLdap->sync_users(false) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:2119
* auth_ldap_sync_users(string(size 5), null, null, null, null, null, null) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/cli/sync_users.php:175
[WAR] dd (auth/ldap/lib.php:966) Ldap record contained no mailnickname field to map to DB studentid
Call stack (most recent first):
* log_message(string(size 66), integer, true, true) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:95
* log_warn(string(size 66)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:966
* AuthLdap->ldap_get_users_scalable(string(size 23), string(size 11), string(size 274)) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:1133
* AuthLdap->sync_users(false) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:2119
* auth_ldap_sync_users(string(size 5), null, null, null, null, null, null) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/cli/sync_users.php:175
.
[INF] dd (auth/ldap/lib.php:1139) LDAP users found : 212
[INF] dd (auth/ldap/lib.php:1186) 0 users known to Mahara
[INF] dd (auth/ldap/lib.php:1233) user auto-suspend/delete disabled
[INF] dd (auth/ldap/lib.php:1300) 212 LDAP users unknown to Mahara
[INF] dd (auth/ldap/lib.php:1303) creating user abbinantea
sh: 1: /usr/sbin/sendmail: not found
sh: 1: /usr/sbin/sendmail: not found
[INF] dd (auth/ldap/lib.php:1303) creating user afferrib
sh: 1: /usr/sbin/sendmail: not found
[INF] dd (auth/ldap/lib.php:1303) creating user altieros
sh: 1: /usr/sbin/sendmail: not found
[INF] dd (auth/ldap/lib.php:1303) creating user amatir
sh: 1: /usr/sbin/sendmail: not found
[INF] dd (auth/ldap/lib.php:1303) creating user amorosis
[WAR] dd (lib/errors.php:820) Failed to get a recordset: mysqli error: [1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? LIMIT 2' at line 1] in EXECUTE("SELECT * FROM "usr" WHERE "email" = ? LIMIT 2")
[WAR] dd (lib/errors.php:820) Command was: SELECT * FROM "usr" WHERE "email" = ?
Call stack (most recent first):
* log_message(string(size 320), integer, true, true) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:95
* log_warn(string(size 320)) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:820
* SQLException->__construct(string(size 320)) at /var/www/html/mahara-16.04.3/htdocs/lib/dml.php:514
* get_recordset_sql(string(size 39), array(size 0), integer, integer) at /var/www/html/mahara-16.04.3/htdocs/lib/dml.php:333
* get_record_sql(string(size 39), array(size 0), integer) at /var/www/html/mahara-16.04.3/htdocs/lib/dml.php:302
* get_record(string(size 3), string(size 5), null) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:1318
* AuthLdap->sync_users(false) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:2119
* auth_ldap_sync_users(string(size 5), null, null, null, null, null, null) at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/cli/sync_users.php:175
[INF] dd (auth/ldap/lib.php:1343) LDAP (users:0) (updated:0) (unsuspended:0) (created:4) (suspended:0) (deleted:0) (ignored:0) (errors:0)
[WAR] dd (lib/web.php:1898) Cannot modify header information - headers already sent by (output started at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:978)
Call stack (most recent first):
* log_message(string(size 136), integer, true, true, string(size 47), integer) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:513
* error(integer, string(size 136), string(size 47), integer, array(size 6)) at Unknown:0
* setcookie(string(size 15), string(size 6), string(size 10), string(size 23), string(size 10), false, true) at /var/www/html/mahara-16.04.3/htdocs/lib/web.php:1898
* set_cookie(string(size 15), string(size 6), string(size 10), true) at /var/www/html/mahara-16.04.3/htdocs/auth/user.php:1532
* LiveUser->logout() at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/cli/sync_users.php:179
Failed to get a recordset: mysqli error: [1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? LIMIT 2' at line 1] in EXECUTE("SELECT * FROM "usr" WHERE "email" = ? LIMIT 2")
Command was: SELECT * FROM "usr" WHERE "email" = ?
Can you please include the error log for this error - the one that identifies where in the code this query is running (i.e. with the stack trace)?
Thanks,
Ghada
]]>
I'm trying to use sync_user_group.php and I have problem with user without mail
Failed to get a recordset: mysqli error: [1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? LIMIT 2' at line 1] in EXECUTE("SELECT * FROM "usr" WHERE "email" = ? LIMIT 2")
Is there a workaround for this problem ?
I can sync users anyway?
Thanks
Oronzo
]]>I've had a look at the code, and both ldap_get_users() and ldap_get_users_scalable(() (see auth/ldap/lib.php) have the following piece of code:
$filter = "(" . $this->config['user_attribute'] . "=*)";
if (!empty($this->config['objectclass'])) {
$filter .= "&(" . $this->config['objectclass'] . "))";
}
if ($extrafilter) {
$filter = "(&$filter($extrafilter))";
}
This code has two issues:
[1] See https://tools.ietf.org/search/rfc4515#section-3 for String Search Filter Definition
When processing $extrafilter we need to check whether the filter specified by the user starts with a '(' or not (after trimming all the leading and trailing white space, of course). If it does, we use it as is. If it doesn't, we need to put additional parenthesis around it to produce a valid filter.
[2] This is what is happening to Oronzo. In this case, while the code is fixed, Oronzo would just need to remove the outer-most parenthesis of the filter (as the code will add them unconditionally). This should work:
&(objectCategory=Person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(|(memberof=CN=D****,OU=_Liste Dis****one,DC=****,DC=it)(memberof=CN=som****,OU=_Li****,DC=****,,DC=it)(memberof=CN=Coll****i,OU=_Liste ****,DC=****,DC=it))
Saludos.
Iñaki.
]]>
I'm afraid I don't really know much about LDAP filters. Perhaps someone else who knows can help.
Good luck.
Cheers,
Ghada
]]>thanks for your answer you have right.
how can I implement this LDAP query to filter the users in Additional LDAP filter for sync?
I have obscured some data
(&(objectCategory=Person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(|(memberof=CN=D****,OU=_Liste Dis****one,DC=****,DC=it)(memberof=CN=som****,OU=_Li****,DC=****,,DC=it)(memberof=CN=Coll****i,OU=_Liste ****,DC=****,DC=it)))
The only filter that seems to work are only
memberof=CN=D****,OU=_Liste Dis****one,DC=****,DC=it or
memberof=CN=som****,OU=_Li****,DC=****,,DC=it or
memberof=CN=Coll****i,OU=_Liste ****,DC=****,DC=it
can I have this filters in and condition (&) ? If I use this filter I see an error running the script
/auth/ldap/cli/sync_users.php
ldap_search(): Search: Bad search filter
thanks
Oronzo
]]>
If you scroll down that page, there is a section about user sync. If you expand it, you can enable the cron user sync.
Cheers,
Ghada
]]>
In attachment my configuration with data obscured
Thanks
Oronzo
]]>From the logs, I can see that you have auto user update and create disabled.
You will need to update the institution's LDAP auth settings to allow user sync on. You can do this from the GUI. You can also select to create the users.
If you also want users deleted, I recommend that you select to suspend users instead of delete. It's just a safe guard. Otherwise, it will delete users along with their portfolios and files.
I hope this helps. Please let me know if you need anything else.
Cheers,
Ghada
]]>
I'm also trying to use the script
auth/ldap/cli/sync_users.php -i='institution'
The script find the users but there are many errors and no users are added in Mahara
INF] fa (auth/ldap/lib.php:2081) ---------- started institution user sync for institution "institution" at Fri, 23 Sep 2016 09:27:55 +0200 ----------
[INF] fa (auth/ldap/lib.php:1087) ---------- started usersync for instance 3 at Fri, 23 Sep 2016 09:27:55 +0200 ----------
[INF] fa (auth/ldap/lib.php:924) retrieving these fields: sAMAccountName,sAMAccountName,cn
[INF] fa (auth/ldap/lib.php:924)
..
[INF] fa (auth/ldap/lib.php:1139) LDAP users found : 274
[INF] fa (auth/ldap/lib.php:1156) user auto-update disabled
[INF] fa (auth/ldap/lib.php:1233) user auto-suspend/delete disabled
[INF] fa (auth/ldap/lib.php:1280) user auto-creation disabled
[INF] fa (auth/ldap/lib.php:1347) LDAP (users:0) (updated:0) (unsuspended:0) (created:0) (suspended:0) (deleted:0) (ignored:0) (errors:0)
[INF] fa (auth/ldap/lib.php:1348) ---------- ended at Fri, 23 Sep 2016 09:27:56 +0200 ----------
[INF] fa (auth/ldap/lib.php:2122) ---------- finished institutino user sync at Fri, 23 Sep 2016 09:27:56 +0200 ----------
[WAR] fa (lib/web.php:1898) Cannot modify header information - headers already sent by (output started at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/lib.php:978)
Call stack (most recent first):
* log_message(string(size 136), integer, true, true, string(size 47), integer) at /var/www/html/mahara-16.04.3/htdocs/lib/errors.php:513
* error(integer, string(size 136), string(size 47), integer, array(size 6)) at Unknown:0
* setcookie(string(size 15), string(size 6), string(size 10), string(size 23), string(size 10), false, true) at /var/www/html/mahara-16.04.3/htdocs/lib/web.php:1898
* set_cookie(string(size 15), string(size 6), string(size 10), true) at /var/www/html/mahara-16.04.3/htdocs/auth/user.php:1532
* LiveUser->logout() at /var/www/html/mahara-16.04.3/htdocs/auth/ldap/cli/sync_users.php:183
You have two errors below:
1. [Thu Sep 22 11:03:52.332582 2016] - which is the LDAP error raised during the ldap_search() for the user trying to log in.
You actually establish a connection with the ldap server (on line 139 in auth/ldap/lib.php). Then, a call is made to find the user in your directory (on line 141 of auth/ldap/lb.php).
It's during the user search (ldap_search) made with your 'Contexts' and 'User attribute' you supplied in the configuration that it fails on.
So, you will need to review those two fields: 'Contexts' and 'User attribute' .
2. [Thu Sep 22 10:55:37.779687 2016] - which is to do with a user trying to register on your site but there are no institutions set up with registration enabled.
Cheers,
Ghada
]]>
Mahara version 15.10.2 on my virtual server bitnami
It is my configuration error?
What should I check ?
Thu Sep 22 10:55:37.779687 2016] [proxy_fcgi:error] [pid 1952:tid 140307580413696] [client 10.0.98.133:51743] AH01071: Got error 'PHP message: [WAR] bc (auth/lib.php:2105) Invalid argument supplied for foreach()\nPHP message: Call stack (most recent first):\nPHP message: * log_message("Invalid argument supplied for foreach()", 8, true, true, "/opt/bitnami/apps/mahara/htdocs/auth/lib.php", 2105) at /opt/bitnami/apps/mahara/htdocs/lib/errors.php:441\nPHP message: * error(2, "Invalid argument supplied for foreach()", "/opt/bitnami/apps/mahara/htdocs/auth/lib.php", 2105, array(size 9)) at /opt/bitnami/apps/mahara/htdocs/auth/lib.php:2105\nPHP message: * auth_generate_registration_form("register", "internal", "/register.php") at /opt/bitnami/apps/mahara/htdocs/register.php:200\nPHP message: \nPHP message: [WAR] bc (lib/pieforms/pieform.php:1314) Select elements should have at least one option\nPHP message: Call stack (most recent first):\nPHP message: * log_message("Select elements should have at least one option", 8, true, true, "/opt/bitnami/apps/mahara/htdocs/lib/pieforms/piefo...", 1314) at /opt/bitnami/apps/mahara/htdocs/lib/errors.php:441\nPHP message: * error(1024, "Select elements should have at least one option", "/opt/bitnami/apps/mahara/htdocs/lib/pieforms/piefo...", 1314, array(size 2)) at Unknown:0\nPHP message: * trigger_error("Select elements should have at least one option", 1024) at /opt/bitnami/apps/mahara/htdocs/lib/pieforms/pieform.php:1314\nPHP message: * Pieform::info("Select elements should have at least one option") at /opt/bitnami/apps/mahara/htdocs/lib/pieforms/pieform/elements/select.php:90\nPHP message: * pieform_element_select(object(Pieform), array(size 9)) at /opt/bitnami/apps/mahara/htdocs/lib/pieforms/pieform.php:1480\nPHP message: * Pieform->build_element_html(array(size 9)) at /opt/bitnami/apps/mahara/htdocs/lib/pieforms/pieform.php:714\nPHP message: * Pieform->build() at /opt/bitnami/apps/mahara/htdocs/auth/lib.php:2218\nPHP message: * auth_generate_registration_form_js(array(size 11), array(size 0)) at /opt/bitnami/apps/mahara/htdocs/register.php:204\nPHP message: \n', referer: http://10.0.98.117/
[Thu Sep 22 11:03:52.332582 2016] [proxy_fcgi:error] [pid 1391:tid 140307572020992] [client 10.0.98.133:51923] AH01071: Got error 'PHP message: [WAR] 8b (auth/ldap/lib.php:322) ldap_search(): Search: Operations error\nPHP message: Call stack (most recent first):\nPHP message: * log_message("ldap_search(): Search: Operations error", 8, true, true, "/opt/bitnami/apps/mahara/htdocs/auth/ldap/lib.php", 322) at /opt/bitnami/apps/mahara/htdocs/lib/errors.php:441\nPHP message: * error(2, "ldap_search(): Search: Operations error", "/opt/bitnami/apps/mahara/htdocs/auth/ldap/lib.php", 322, array(size 5)) at Unknown:0\nPHP message: * ldap_search(resource(#4), "OU=_Liste Distribuzione", "(CN=Users,DC=links,DC=it=links\\5clezzio)", array(size 1)) at /opt/bitnami/apps/mahara/htdocs/auth/ldap/lib.php:322\nPHP message: * AuthLdap->ldap_find_userdn(resource(#4), "********") at /opt/bitnami/apps/mahara/htdocs/auth/ldap/lib.php:141\nPHP message: * AuthLdap->authenticate_user_account(object(LiveUser), "********") at /opt/bitnami/apps/mahara/htdocs/auth/lib.php:1500\nPHP message: * login_submit(object(Pieform), array(size 6)) at Unknown:0\nPHP message: * call_user_func_array("login_submit", array(size 2)) at /opt/bitnami/apps/mahara/htdocs/lib/pieforms/pieform.php:537\nPHP message: * Pieform->__construct(array(size 9)) at /opt/bitnami/apps/mahara/htdocs/auth/lib.php:505\nPHP message: * auth_setup() at /opt/bitnami/apps/mahara/htdocs/init.php:379\nPHP message: * require("/opt/bitnami/apps/mahara/htdocs/init.php") at /opt/bitnami/apps/mahara/htdocs/index.php:16\nPHP message: \n', referer: http://10.0.98.117/
~