Forums | Mahara Community

Support /
Problems with ldap user sync


Ralph Ballier's profile picture
Posts: 98

14 September 2018, 10:39 PM

Hello,

I've tried to set up users from ldap using mahara's user sync. Because clicking on the options in the admin interface had no effect, I tried it directly with the script "sync_users.php". I added the result below. What can I do?

Ralph

[email protected]:/var/www/vhosts/mahara.osz-lise-meitner.eu/htdocs/auth/ldap/cli# php sync_users.php --institution='LMS'
[INF] a0 (auth/ldap/lib.php:2090) ---------- started institution user sync for institution "LMS" at Fri, 14 Sep 2018 12:33:20 +0200 ----------
[INF] a0 (auth/ldap/lib.php:1087) ---------- started usersync for instance 3 at Fri, 14 Sep 2018 12:33:20 +0200 ----------
[DBG] a0 (lib/dml.php:157) mysqli error: [1171: All parts of a PRIMARY KEY must be NOT NULL; if you need NULL in a key, use UNIQUE instead] in EXECUTE("CREATE TEMPORARY TABLE auth_ldap_extusers_temp (
[DBG] a0 (lib/dml.php:157) extusername VARCHAR(64) DEFAULT NULL,
[DBG] a0 (lib/dml.php:157) firstname TEXT,
[DBG] a0 (lib/dml.php:157) lastname TEXT,
[DBG] a0 (lib/dml.php:157) email VARCHAR(255) DEFAULT NULL,
[DBG] a0 (lib/dml.php:157) studentid TEXT,
[DBG] a0 (lib/dml.php:157) preferredname TEXT,
[DBG] a0 (lib/dml.php:157) CONSTRAINT PRIMARY KEY (extusername)
[DBG] a0 (lib/dml.php:157) )ENGINE=innodb")Command was: CREATE TEMPORARY TABLE auth_ldap_extusers_temp (
[DBG] a0 (lib/dml.php:157) extusername VARCHAR(64) DEFAULT NULL,
[DBG] a0 (lib/dml.php:157) firstname TEXT,
[DBG] a0 (lib/dml.php:157) lastname TEXT,
[DBG] a0 (lib/dml.php:157) email VARCHAR(255) DEFAULT NULL,
[DBG] a0 (lib/dml.php:157) studentid TEXT,
[DBG] a0 (lib/dml.php:157) preferredname TEXT,
[DBG] a0 (lib/dml.php:157) CONSTRAINT PRIMARY KEY (extusername)
[DBG] a0 (lib/dml.php:157) )ENGINE=innodb
[WAR] a0 (lib/errors.php:859) Could not execute command: CREATE TEMPORARY TABLE auth_ldap_extusers_temp (
[WAR] a0 (lib/errors.php:859) extusername VARCHAR(64) DEFAULT NULL,
[WAR] a0 (lib/errors.php:859) firstname TEXT,
[WAR] a0 (lib/errors.php:859) lastname TEXT,
[WAR] a0 (lib/errors.php:859) email VARCHAR(255) DEFAULT NULL,
[WAR] a0 (lib/errors.php:859) studentid TEXT,
[WAR] a0 (lib/errors.php:859) preferredname TEXT,
[WAR] a0 (lib/errors.php:859) CONSTRAINT PRIMARY KEY (extusername)
[WAR] a0 (lib/errors.php:859) )ENGINE=innodb
Call stack (most recent first):
* log_message(string(size 290), integer, true, true) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/errors.php:95
* log_warn(string(size 290)) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/errors.php:859
* SQLException->__construct(string(size 290)) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/dml.php:158
* execute_sql(string(size 263)) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/dml.php:1451
* execute_sql_arr(array(size 1), false, true) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/ddl.php:870
* create_temp_table(object(XMLDBTable), false, true) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/lib.php:1104
* AuthLdap->sync_users(false) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/lib.php:2128
* auth_ldap_sync_users(string(size 3), null, null, null, null, null, null) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/cli/sync_users.php:174

[WAR] a0 (auth/ldap/lib.php:1106) Could not create temp table auth_ldap_extusers_temp
Call stack (most recent first):
* log_message(string(size 51), integer, false, true) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/errors.php:95
* log_warn(string(size 51), false) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/lib.php:1106
* AuthLdap->sync_users(false) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/lib.php:2128
* auth_ldap_sync_users(string(size 3), null, null, null, null, null, null) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/cli/sync_users.php:174

[INF] a0 (auth/ldap/lib.php:2131) ---------- finished institutino user sync at Fri, 14 Sep 2018 12:33:20 +0200 ----------
---------- ended at Fri, 14 Sep 2018 12:33:20 +0200 ----------

Ralph Ballier's profile picture
Posts: 98

14 September 2018, 10:49 PM

I just saw that I asked the same question on May 11 of this year. But only Kristina had answered me then. The problem is still not solved.


Then I ask it this way: are there admins where the user sync works from the LDAP?

Robert Lyon's profile picture
Posts: 490

15 September 2018, 8:52 AM

Hi Ralph,

I don't use the LDAP system but looking at your error and then looking at the code I think the problem is due to a line in htdocs/auth/ldap/lib.php file

Inside the function sync_users() there is the following line

       $temptable->addFieldInfo('extusername', XMLDB_TYPE_CHAR, 64, null, false);

I believe it should be

       $temptable->addFieldInfo('extusername', XMLDB_TYPE_CHAR, 64, null, XMLDB_NOTNULL);

Can you make that change to your Mahara and then test to see if that fixes your problem?

Cheers

Robert

 

 

Ralph Ballier's profile picture
Posts: 98

16 September 2018, 1:45 AM

Hi Robert,

many thanks for the support. If I make the proposed change, then the user "bla" is set up, for which before with "CN = bla" a filter was set up.


But there is still a warning message (Can not modify header information...). See below.

Cheers

Ralph

[email protected]:/var/www/vhosts/mahara.osz-lise-meitner.eu/htdocs/auth/ldap/cli# php sync_users.php --institution='LMS'
[INF] 20 (auth/ldap/lib.php:2093) ---------- started institution user sync for institution "LMS" at Sat, 15 Sep 2018 15:31:41 +0200 ----------
[INF] 20 (auth/ldap/lib.php:1087) ---------- started usersync for instance 3 at Sat, 15 Sep 2018 15:31:41 +0200 ----------
[INF] 20 (auth/ldap/lib.php:924) retrieving these fields: givenName,sn,mail,cn,displayName,CN
[INF] 20 (auth/ldap/lib.php:924)

[INF] 20 (auth/ldap/lib.php:1142) LDAP users found : 1
[INF] 20 (auth/ldap/lib.php:1159) user auto-update disabled
[INF] 20 (auth/ldap/lib.php:1236) user auto-suspend/delete disabled
[INF] 20 (auth/ldap/lib.php:1303) 1 LDAP users unknown to Mahara
[INF] 20 (auth/ldap/lib.php:1306) creating user bla
[INF] 20 (auth/ldap/lib.php:1350) LDAP (users:0) (updated:0) (unsuspended:0) (created:1) (suspended:0) (deleted:0) (ignored:0) (errors:0)
[INF] 20 (auth/ldap/lib.php:1351) ---------- ended at Sat, 15 Sep 2018 15:31:42 +0200 ----------
[INF] 20 (auth/ldap/lib.php:2134) ---------- finished institutino user sync at Sat, 15 Sep 2018 15:31:42 +0200 ----------
[WAR] 20 (lib/web.php:2138) Cannot modify header information - headers already sent by (output started at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/lib.php:981)
Call stack (most recent first):
* log_message(string(size 152), integer, true, true, string(size 63), integer) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/errors.php:521
* error(integer, string(size 152), string(size 63), integer, array(size 6)) at Unknown:0
* setcookie(string(size 15), string(size 6), string(size 10), string(size 1), string(size 26), true, true) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/lib/web.php:2138
* set_cookie(string(size 15), string(size 6), string(size 10), true) at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/user.php:1652
* LiveUser->logout() at /var/www/vhosts/mahara.osz-lise-meitner.eu/httpdocs/auth/ldap/cli/sync_users.php:183

---------- ended at Sat, 15 Sep 2018 15:31:42 +0200 ----------

 

Ralph Ballier's profile picture
Posts: 98

16 September 2018, 2:54 AM

This are the lines around line 981 in ldap/lib.php:

979 }
980 } while ($entry = ldap_next_entry($ldapconnection, $entry));
981 echo "\n";
982 }

Shal I delete line 981?

Ralph

Robert Lyon's profile picture
Posts: 490

17 September 2018, 11:24 AM

Hi Ralph,

You can safely ignore that error - the problem happens after LDAP sync finishes and is happening due to this:

Once the sync_users script has run the last step is to log out current user so they are forced to login to see any changes. Part of the logout function is to set a cookie and this can't be done after headers already sent.

I'll make a fix to suppress this message and add it to the patch https://reviews.mahara.org/#/c/9137/

Cheers

Robert

Ralph Ballier's profile picture
Posts: 98

18 September 2018, 5:50 AM

Hi Robert,

thank you very much.

Ralph

7 results