Closed marensas closed 2 years ago
Hi @marensas,
What database are you using? MySQL, Postgre, etc.
Hi @marensas,
What database are you using? MySQL, Postgre, etc.
It's Mysql 8.O
Do you happen to have users in your database with null
object GUID columns, but have a populated email column? Wondering if the sync_existing
is failing for some reason.
Do you happen to have users in your database with
null
object GUID columns, but have a populated email column? Wondering if thesync_existing
is failing for some reason.
I guess it's not related. I'v done SELECT * FROM users where guid is null;
and got 0 rows.
Ok, if you remove the sync_existing
option completely from your config/auth.php
file does that resolve the issue?
Ok, if you remove the
sync_existing
option completely from yourconfig/auth.php
file does that resolve the issue?
I realized that I'll not have cases where guid
and domain
fields will be null, as mentioned in documentation, because app authorization will only be available through LDAP, so I removed sync_existing
completely as you recommended:
But I'v got even more users trying to be inserted (15 including previous 3):
I'v tried to run command with filtering specific user email ldap:import users --filter "(mail=duplicated@email.com)"
:
So I also realized that these are the persons who left company today and for some reason thei records were duplicated in active directory.
Question: is there any way to filter out these groups? I.e. - ldap:import users --filter "(ou!=Disabled by automatic script)"
Ohh I see, that makes sense since they would have a different guid
but the same email address.
Question: is there any way to filter out these groups? I.e. - ldap:import users --filter "(ou!=Disabled by automatic script)"
You may be able to achieve this since you're using Active Directory. Give this a shot:
ldap:import users --filter "(!(distinguishedName:=*Disabled by automatic script*))"
ldap:import users --filter "(!(distinguishedName:=*Disabled by automatic script*))"
It throws me ldap_search(): Search: Bad search filter
error.
I found LDAP filtering syntax page. So I fixed command to ldap:import users --filter "(!(ou=*Disabled by automatic script*))"
(without :
), but still I'm getting the duplication errors.
To be sure that filtering is working I'v decided to reverse the condition: ldap:import users --filter "(ou=*Disabled by automatic script*)"
, but got There were no users found to import.
output.
It seems that filtering by 'ou' name is not working. Maybe I'm wrong with that 'ou' group?
I was unable to filter out this specific OU, but --no-log
flag helped me ignore these errors.
Using
ldap:import users --no-interaction --chunk 500
command.AppServiceProvider
has this https://github.com/DirectoryTree/LdapRecord-Laravel/issues/134#issuecomment-1021190220:auth.php
looks like:Command output looks like:
In the end I'v got 3 errors with different users:
ERROR: Failed importing object [Name Surname]. SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'name@email.com' for key 'users.users_email_unique'
(name and email are changed)It seems like synchronization is struggling somewhere for unknown reason?