LDAP and multiple mail addresses

[ArminXG]

When one of our LDAP users logs in, his mail address is set to array() because in our LDAP there are more than one 'mail' entry per user. To fix it, I changed the code to use our main address which we have in mailPrimaryAddress. This works, but maybe you care to change the code to allow an array to read here. It would be good to specify the LDAP map with its names in a separate config file anyway.

[nuxsmin]

Does it mean that "mailPrimaryAddress" attribute is standard or is it a custom attribute instead?.

A custom LDAP mapping would be an advanced feature that could generate some issues, so I'd leave the code as is, so advanced users like you can modify as needed (it's only an array....).

The goal is not to make a fully customizable LDAP feature, because it would need a lot of coding for a very limited users range.

Thanks for the feedback!

[ArminXG]

"mailPrimaryAddress" is a standard in our environment, we use Univention Corporate Server. I cannot tell if it is a standard in other worlds. A default mapping like you did of course makes sense for most of the users, but making it easily changable would be nice and would not change the defaults. Changing the code is always not nice, you need to be careful on updates. And it is not just the array, the search for the attributes in your code defines the attributes names again. Maybe that search can be changed to use the array entries.

And the problem with multiple "mail" attributes returning the users mail address as "array()" is a bug I think.

Armin

[nuxsmin]

Sure...updates will be the problem.

I'll need to think how to implement it, because the new configuration is done in XML format, so no PHP code will be used for config purposes.

Maybe an XML overlay to edit it directly so it would avoid to code a view for that.

[dvdfabian]

Hello,

we've also experienced this error. We have a Fedora DS directory and almost all of our user accounts have multiple mail attributes. Syspass tries to store the resulting PHP array() form the LDAP search into the database and produces a PHP warning - array conversion to string. All emails for such LDAP accounts are stored as "array()" in the DB. This brings problems to user management because the UI refuses a pre-filled value "array()" as an invalid email address. One has to manually change the email every time one needs to change e.g. a group membership. My solution to the problem was to add the following code to DB.class.php on line 212. It's not the nicest fix but it works.

if (is_array($value))
   $value = $value[0];

Best regards, David Fabian