search

owncloud / core

:cloud: ownCloud web server core (Files, DAV, etc.)
https://owncloud.com
GNU Affero General Public License v3.0
8.36k stars 2.06k forks source link

%uid placeholder not replaced with login #16654

Closed paoloB132 closed 9 years ago

paoloB132 commented 9 years ago

owncloud 8.0.3 RedHat 7.1

Trying to integrate authentication with AD 2012 LDAP module seems properly configured since AD users are correctly listed, I mean attributes are collected from AD. LADP Authentication fails both from desktop client and from web form.

Log shows a failed core login with the username that comes from webform, and the bind attempt shows an empty DN. I mean that username is passed to the core but then %uid is not properly replaced.

Debug from wireshark confirms that %uid are not replaced with username.

PVince81 commented 9 years ago

@blizzz

blizzz commented 9 years ago

@paoloB132 What is your LDAP configuration? use occ ldap:show-config

paoloB132 commented 9 years ago

Hi blizzz,

here our lap conf:

[root@cloud owncloud]# sudo -u apache php occ ldap:show-config +------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------+ | Configuration | | +------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------+ | hasMemberOfFilterSupport | 1 | | hasPagedResultSupport | | | homeFolderNamingRule | | | lastJpegPhotoLookup | 0 | | ldapAgentName | cn=ldapsearch,cn=users,dc=rfxoffline,dc=local | | ldapAgentPassword | *\ | | ldapAttributesForGroupSearch | | | ldapAttributesForUserSearch | samaccountname | | ldapBackupHost | | | ldapBackupPort | | | ldapBase | dc=rfxoffline,dc=local | | ldapBaseGroups | dc=rfxoffline,dc=local | | ldapBaseUsers | cn=users,dc=rfxoffline,dc=local | | ldapCacheTTL | 600 | | ldapConfigurationActive | 1 | | ldapEmailAttribute | mail | | ldapExperiencedAdmin | 1 | | ldapExpertUUIDGroupAttr | | | ldapExpertUUIDUserAttr | samaccountname | | ldapExpertUsernameAttr | | | ldapGroupDisplayName | cn | | ldapGroupFilter | (&(|(objectclass=group))(|(cn=Servizio-Calcolo))) | | ldapGroupFilterGroups | Servizio-Calcolo | | ldapGroupFilterMode | 1 | | ldapGroupFilterObjectclass | | | ldapGroupMemberAssocAttr | member | | ldapHost | ntserv1.rfxoffline.local | | ldapIgnoreNamingRules | | | ldapLoginFilter | (&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=%uid)(|(sAMAccountName=%uid)))) | | ldapLoginFilterAttributes | sAMAccountName | | ldapLoginFilterEmail | 0 | | ldapLoginFilterMode | 1 | | ldapLoginFilterUsername | 1 | | ldapNestedGroups | 0 | | ldapNoCase | 1 | | ldapOverrideMainServer | 0 | | ldapPagingSize | 500 | | ldapPort | 389 | | ldapQuotaAttribute | | | ldapQuotaDefault | | | ldapTLS | 0 | | ldapUserDisplayName | displayname | | ldapUserFilter | (&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local))) | | ldapUserFilterGroups | Servizio-Calcolo | | ldapUserFilterMode | 1 | | ldapUserFilterObjectclass | person | | ldapUuidGroupAttribute | auto | | ldapUuidUserAttribute | auto | | turnOffCertCheck | 0 | +------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------+

Il giorno 05/giu/2015, alle ore 20.33, blizzz ha scritto:

occ ldap:show-config

blizzz commented 9 years ago

Log shows a failed core login with the username that comes from webform, and the bind attempt shows an empty DN. I mean that username is passed to the core but then %uid is not properly replaced.

Is displayname set for the users you want to login with? Otherwise try to switch it to "cn" (Advanced Settings).

paoloB132 commented 9 years ago

Blizz,

On 08/giu/2015, at 13:44, blizzz notifications@github.com wrote:

Log shows a failed core login with the username that comes from webform, and the bind attempt shows an empty DN. I mean that username is passed to the core but then %uid is not properly replaced.

Is displayname set for the users you want to login with?

it seems so:

[root@cloud ~]# ldapsearch -v -ZZ -LLL -hntserv1.rfxoffline.local -b"dc=rfxoffline,dc=local" -D "cn=ldapsearch,cn=Users,dc=rfxoffline,dc=local" -W -x "(&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=barbato)(|(sAMAccountName=barbato))))”

displayName: Barbato Paolo cn: barbato name: barbato sAMAccountName: barbato

Otherwise try to switch it to "cn" (Advanced Settings).

try to set "User Display Name Field” to “displayname", to “cn” and to “samaccountname” …log show all the time failure:

{"reqId":"b6c4add98f3080fcc47ba13f77d91786","remoteAddr":"150.178.3.7","app":"user_ldap","message":"No DN found for on ntserv1.rfxoffline.local","level":0,"time":"2015-06-08T11:58:44+00:00","method":"GET","url":"\/owncloud\/index.php\/core\/js\/oc.js?v=affb9603fa428ae312e7fdac3994a8d2"} {"reqId":"d50cf1c47a5be9216f3c3a4b92b810b1","remoteAddr":"150.178.3.7","app":"core","message":"Login failed: 'barbato' (Remote IP: '150.178.3.7', X-Forwarded-For: '')","level":2,"time":"2015-06-08T12:00:16+00:00","method":"POST","url":"\/owncloud\/index.php”}

Looking at the code it seems some problems occurs

/Users/manager/Library/Caches/Cleanup At Startup/com.fetchsoftworks.Fetch/Fetch Temporary Folder 3/user_ldap.php

public function checkPassword($uid, $password) {
    $uid = $this->access->escapeFilterPart($uid);

    //find out dn of the user name
    $attrs = array($this->access->connection->ldapUserDisplayName, 'dn',
        'uid', 'samaccountname');
    $filter = \OCP\Util::mb_str_replace(
        '%uid', $uid, $this->access->connection->ldapLoginFilter, 'utf-8');

    # -rfx-
    print "uid $uid dn $dn samccountname $samaccountname filter $filter\n";
    var_dump ($attrs);

    $users = $this->access->fetchListOfUsers($filter, $attrs);
    if(count($users) < 1) {
        return false;
    }
    $dn = $users[0]['dn'];

this code return false

$uid is really “barbato”, that is my login, where dn and samaccountname are empty

$filter is (&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=%uid)(|(sAMAccountName=%uid))))

$attrs contains: array(4) { [0]=> string(11) "displayname" [1]=> string(2) "dn" [2]=> string(3) "uid" [3]=> string(14) "samaccountname" }

Regards, Paolo.

— Reply to this email directly or view it on GitHub.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

paoloB132 commented 9 years ago

….

if I force $filter to:

$filter= "(&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=barbato)(|(sAMAccountName=barbato))))";

Than it works!

So It seems that something goes wrong here:

$filter = \OCP\Util::mb_str_replace( '%uid', $uid, $this->access->connection->ldapLoginFilter, 'utf-8’);

That seems a problem for patchwork library

/var/www/html/owncloud/3rdparty/patchwork

… I’ve also installed the newest distribution but problem is still there.

May be something related with redhat7 and how utf encoding is managed ?

Regards, Paolo.

On 08/giu/2015, at 14:33, Paolo Barbato paolo.barbato@igi.cnr.it wrote:

Blizz,

On 08/giu/2015, at 13:44, blizzz <notifications@github.com mailto:notifications@github.com> wrote:

Log shows a failed core login with the username that comes from webform, and the bind attempt shows an empty DN. I mean that username is passed to the core but then %uid is not properly replaced.

Is displayname set for the users you want to login with?

it seems so:

[root@cloud ~]# ldapsearch -v -ZZ -LLL -hntserv1.rfxoffline.local -b"dc=rfxoffline,dc=local" -D "cn=ldapsearch,cn=Users,dc=rfxoffline,dc=local" -W -x "(&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=barbato)(|(sAMAccountName=barbato))))”

displayName: Barbato Paolo cn: barbato name: barbato sAMAccountName: barbato

Otherwise try to switch it to "cn" (Advanced Settings).

try to set "User Display Name Field” to “displayname", to “cn” and to “samaccountname” …log show all the time failure:

{"reqId":"b6c4add98f3080fcc47ba13f77d91786","remoteAddr":"150.178.3.7","app":"user_ldap","message":"No DN found for on ntserv1.rfxoffline.local","level":0,"time":"2015-06-08T11:58:44+00:00","method":"GET","url":"\/owncloud\/index.php\/core\/js\/oc.js?v=affb9603fa428ae312e7fdac3994a8d2"} {"reqId":"d50cf1c47a5be9216f3c3a4b92b810b1","remoteAddr":"150.178.3.7","app":"core","message":"Login failed: 'barbato' (Remote IP: '150.178.3.7', X-Forwarded-For: '')","level":2,"time":"2015-06-08T12:00:16+00:00","method":"POST","url":"\/owncloud\/index.php”}

Looking at the code it seems some problems occurs

/Users/manager/Library/Caches/Cleanup At Startup/com.fetchsoftworks.Fetch/Fetch Temporary Folder 3/user_ldap.php

public function checkPassword($uid, $password) { $uid = $this->access->escapeFilterPart($uid);

  //find out dn of the user name
  $attrs = array($this->access->connection->ldapUserDisplayName, 'dn',
      'uid', 'samaccountname');
  $filter = \OCP\Util::mb_str_replace(
      '%uid', $uid, $this->access->connection->ldapLoginFilter, 'utf-8');

  # -rfx-
  print "uid $uid dn $dn samccountname $samaccountname filter $filter\n";
  var_dump ($attrs);

  $users = $this->access->fetchListOfUsers($filter, $attrs);
  if(count($users) < 1) {
      return false;
  }
  $dn = $users[0]['dn'];

this code return false

$uid is really “barbato”, that is my login, where dn and samaccountname are empty

$filter is (&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=%uid)(|(sAMAccountName=%uid))))

$attrs contains: array(4) { [0]=> string(11) "displayname" [1]=> string(2) "dn" [2]=> string(3) "uid" [3]=> string(14) "samaccountname" }

Regards, Paolo.

— Reply to this email directly or view it on GitHub.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

paoloB132 commented 9 years ago

Hi Blizz,

are you been able to reproduce this bug ?

Regards, Paolo.

On 08/giu/2015, at 14:48, Paolo Barbato paolo.barbato@igi.cnr.it wrote:

….

if I force $filter to:

$filter= "(&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=barbato)(|(sAMAccountName=barbato))))";

Than it works!

So It seems that something goes wrong here:

$filter = \OCP\Util::mb_str_replace( '%uid', $uid, $this->access->connection->ldapLoginFilter, 'utf-8’);

That seems a problem for patchwork library

/var/www/html/owncloud/3rdparty/patchwork

… I’ve also installed the newest distribution but problem is still there.

May be something related with redhat7 and how utf encoding is managed ?

Regards, Paolo.

On 08/giu/2015, at 14:33, Paolo Barbato <paolo.barbato@igi.cnr.it mailto:paolo.barbato@igi.cnr.it> wrote:

Blizz,

On 08/giu/2015, at 13:44, blizzz <notifications@github.com mailto:notifications@github.com> wrote:

Log shows a failed core login with the username that comes from webform, and the bind attempt shows an empty DN. I mean that username is passed to the core but then %uid is not properly replaced.

Is displayname set for the users you want to login with?

it seems so:

[root@cloud ~]# ldapsearch -v -ZZ -LLL -hntserv1.rfxoffline.local -b"dc=rfxoffline,dc=local" -D "cn=ldapsearch,cn=Users,dc=rfxoffline,dc=local" -W -x "(&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=barbato)(|(sAMAccountName=barbato))))”

displayName: Barbato Paolo cn: barbato name: barbato sAMAccountName: barbato

Otherwise try to switch it to "cn" (Advanced Settings).

try to set "User Display Name Field” to “displayname", to “cn” and to “samaccountname” …log show all the time failure:

{"reqId":"b6c4add98f3080fcc47ba13f77d91786","remoteAddr":"150.178.3.7","app":"user_ldap","message":"No DN found for on ntserv1.rfxoffline.local","level":0,"time":"2015-06-08T11:58:44+00:00","method":"GET","url":"\/owncloud\/index.php\/core\/js\/oc.js?v=affb9603fa428ae312e7fdac3994a8d2"} {"reqId":"d50cf1c47a5be9216f3c3a4b92b810b1","remoteAddr":"150.178.3.7","app":"core","message":"Login failed: 'barbato' (Remote IP: '150.178.3.7', X-Forwarded-For: '')","level":2,"time":"2015-06-08T12:00:16+00:00","method":"POST","url":"\/owncloud\/index.php”}

Looking at the code it seems some problems occurs

/Users/manager/Library/Caches/Cleanup At Startup/com.fetchsoftworks.Fetch/Fetch Temporary Folder 3/user_ldap.php

public function checkPassword($uid, $password) { $uid = $this->access->escapeFilterPart($uid);

 //find out dn of the user name
 $attrs = array($this->access->connection->ldapUserDisplayName, 'dn',
     'uid', 'samaccountname');
 $filter = \OCP\Util::mb_str_replace(
     '%uid', $uid, $this->access->connection->ldapLoginFilter, 'utf-8');

 # -rfx-
 print "uid $uid dn $dn samccountname $samaccountname filter $filter\n";
 var_dump ($attrs);

 $users = $this->access->fetchListOfUsers($filter, $attrs);
 if(count($users) < 1) {
     return false;
 }
 $dn = $users[0]['dn'];

this code return false

$uid is really “barbato”, that is my login, where dn and samaccountname are empty

$filter is (&(&(|(objectclass=person))(|(memberof=CN=Servizio-Calcolo,CN=Users,DC=rfxoffline,DC=local)))(|(samaccountname=%uid)(|(sAMAccountName=%uid))))

$attrs contains: array(4) { [0]=> string(11) "displayname" [1]=> string(2) "dn" [2]=> string(3) "uid" [3]=> string(14) "samaccountname" }

Regards, Paolo.

— Reply to this email directly or view it on GitHub.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

paoloB132 commented 9 years ago

Blizzz,

let me inform you that I've made a new clean install on rhel 7.1. and the problem is still present with owncloud 8.0.4.

I've installed on a new rhel 7.1, the owncloud present on epel, that is owncloud-7.0.5-2.el7.noarch , really AD starts working.

Regards, Paolo.

blizzz commented 9 years ago

In OC 7 we do not use Patchwork. Which PHP version do you run?

paoloB132 commented 9 years ago

[root@testrhel7 kit]# php -v PHP 5.4.16 (cli) (built: Oct 23 2014 07:19:40) Copyright (c) 1997-2013 The PHP Group Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies

On 18/giu/2015, at 13:18, blizzz notifications@github.com wrote:

In OC 7 we do not use Patchwork. Which PHP version do you run?

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113116234.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

blizzz commented 9 years ago

are there any PHP warnings or errors in the log?

paoloB132 commented 9 years ago

No errors at all in ssl_errors_log

and nothing specific in ssl_access_log

150.178.3.7 - - [17/Jun/2015:15:54:26 +0200] "POST /owncloud/ HTTP/1.1" 200 11483 150.178.3.7 - - [17/Jun/2015:15:54:26 +0200] "GET /owncloud/index.php/core/js/oc.js?v=affb9603fa428ae312e7fdac3994a8d2 HTTP/1.1" 200 1843 150.178.3.7 - - [17/Jun/2015:15:54:26 +0200] "GET /owncloud/cron.php HTTP/1.1" 200 20

On 18/giu/2015, at 13:28, blizzz notifications@github.com wrote:

are there any PHP warnings or errors in the log?

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113120548.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

pherzing commented 9 years ago

I had this same problem today, and put this on the OC forums to see if others had the issue. Then I found this thread. Here's what I wrote:

I'm running a new install of OC 8.0.4 on this stack:

CentOS 7 minimal (SELinux disabled, fully patched) php-fpm 5.4.16 nginx 1.6.3 MariaDB Server 5.5.41

I configured my installation to authenticate against my OpenLDAP server. I got it to correctly count the number of users, and correctly list them on the Users admin panel. But I had no luck authenticating.

I dug into the code and discovered that checkPassword() was not correctly replacing '%uid' with the $uid passed to the function when building the $filter string. The issue seems to be the mb_str_replace function in /lib/private/helper.php. $offset is initialized to -1 (Line 766). If I initialize to zero, the function performs the correct substitution, and my users can authenticate.

I don't know if this "fix" will break something else. I haven't tested it for long.

paoloB132 commented 9 years ago

Hi pherzing,

your report confirm what we’ve observed here in a couple of clean test installation.

As Blizzz said, In OC8 they integrate 3rd party “patchwork” library in order to manage utf-8.

We’ve also look somewhat in deep at the code (but we’re are no OC neither patchwork developers) and found a possible conflict of patchwork with CentOS/Rhel 7.x, in particular on how utf-8 is managed at system level.

Regards, Paolo.

On 18/giu/2015, at 20:49, pherzing notifications@github.com wrote:

I had this same problem today, and put this on the OC forums to see if others had the issue. Then I found this thread. Here's what I wrote:

I'm running a new install of OC 8.0.4 on this stack:

CentOS 7 minimal (SELinux disabled, fully patched) php-fpm 5.4.16 nginx 1.6.3 MariaDB Server 5.5.41

I configured my installation to authenticate against my OpenLDAP server. I got it to correctly count the number of users, and correctly list them on the Users admin panel. But I had no luck authenticating.

I dug into the code and discovered that checkPassword() was not correctly replacing '%uid' with the $uid passed to the function when building the $filter string. The issue seems to be the mb_str_replace function in /lib/private/helper.php. $offset is initialized to -1 (Line 766). If I initialize to zero, the function performs the correct substitution, and my users can authenticate.

I don't know if this "fix" will break something else. I haven't tested it for long.

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113255557.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

blizzz commented 9 years ago

@paoloB132 @pherzing would it be possibly to isolate the error, test with latest Patchwork and if reproducible open an issue there?

blizzz commented 9 years ago

@jnfrmarks could you try to reproduce it with RHEL/CentOS 7?

paoloB132 commented 9 years ago

Problem is present also with latest 1.2.2

…I’ll try to report the issue to patchwork devs

On 19/giu/2015, at 11:15, blizzz notifications@github.com wrote:

@paoloB132 https://github.com/paoloB132 @pherzing https://github.com/pherzing would it be possibly to isolate the error, test with latest Patchwork https://github.com/tchwork/utf8 and if reproducible open an issue there https://github.com/tchwork/utf8/issues?

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113442481.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

paoloB132 commented 9 years ago

Yes it happens both on redhat 7.1 and centos

On 19/giu/2015, at 11:32, blizzz notifications@github.com wrote:

@jnfrmarks https://github.com/jnfrmarks could you try to reproduce it with RHEL/CentOS 7?

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113445654.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

blizzz commented 9 years ago

Thank you @paoloB132 !

nicolas-grekas commented 9 years ago

To me, the mb_(sub)str_replace wrappers/utils are useless. String replacement is encoding safe. OC should just use the PHP native (sub)str_replace functions and get rid of the mb_*_replace implementations.

paoloB132 commented 9 years ago

Don’t know why in OC8 they have moved on Patchwork….

php-mbstring.x86_64 5.4.16-23.el7_0.3 rhel-7-server-optional-rpms

On 19/giu/2015, at 13:23, Nicolas Grekas notifications@github.com wrote:

To me, the mb_(sub)str_replace wrappers/utils are useless. String replacement is encoding safe. OC should just use the PHP native (sub)strreplace functions and get rid of the mb*_replace implementations.

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113481612.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

nicolas-grekas commented 9 years ago

So, if the mbstring fallback of patchwork/utf8 is not used, then this issue has nothing to do with patchwork/utf8...

paoloB132 commented 9 years ago

.. well OC 8 developers the ball's in your court

On 19/giu/2015, at 13:42, Nicolas Grekas notifications@github.com wrote:

So, if the mbstring fallback of patchwork/utf8 is not used, then this issue has nothing to do with patchwork/utf8...

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113485770.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

pherzing commented 9 years ago

If I can help please let me know. i'm not currently set up as a contributor, but would be happy to join up.

paoloB132 commented 9 years ago

SOLVED!

As Nicolas suggested Patchworks is used by OC8 when rhel/centos php-mbstring is not installed.... so I've installed it: subscription-manager repos --enable=rhel-7-server-optional-rpms yum install php-mbstring service httpd restart (old style sorry !)

and now AD authentication start working !

pherzing commented 9 years ago

Also confirmed here. I restored line 766 to its original form, then did this:

yum install php-mbstring systemctl php-fpm restart systemctl php-fpm nginx (just for fun)

My LDAP auth now works without changes to the OC core.

blizzz commented 9 years ago

@paoloB132 @pherzing did you install ownCloud via package management originally, or by hand?

blizzz commented 9 years ago

@nicolas-grekas thanks for having a look and opening the PR.

pherzing commented 9 years ago

By hand (downloaded https://download.owncloud.org/community/owncloud-8.0.4.tar.bz2)

paoloB132 commented 9 years ago

by hand

On 19/giu/2015, at 16:44, blizzz notifications@github.com wrote:

@paoloB132 https://github.com/paoloB132 @pherzing https://github.com/pherzing did you install ownCloud via package management originally, or by hand?

— Reply to this email directly or view it on GitHub https://github.com/owncloud/core/issues/16654#issuecomment-113535360.

Paolo Barbato

Consorzio RFX corso Stati Uniti,4
35127 Padova - Italy
Network Administrator

phone: +39 049 8295097 fax: +39 049 8700718

blizzz commented 9 years ago

OK, because mbstring extension is enlisted as must-have-dependency in the install documentation. Wanted to make sure that packaging went right.

blizzz commented 9 years ago

I close this issue as configuration bug as mbstring is required for owncloud and it is documented. The Patchwork fallback is not working atm, but it's being dealt with upstream at https://github.com/tchwork/utf8/issues/44. And I will have a look on our methods on next week, based on #17046.

tvsjr commented 9 years ago

Just a quick note... I faced this same issue. Clean install of OC 8.1 on Apache 2.4/SciLinux 7.1. Shame on me for not reading the documentation - installed php-mbstring and everything worked. However, OC does not check for this module during the install process, while it does for others. Perhaps consider checking the required module list and ensuring all requirements are tested?

blizzz commented 9 years ago

@tvsjr we use a lib that adds this functionality if the module is not available, which had a bug in the version we include.