New LDAP-Assistant hang at Groups

[davidak]

after https://github.com/owncloud/core/issues/5753 is fixed i get a few steps further.

i set host and base DN, port is automatic setted. i can click on "Fortfahren"

i can choose the user filter, what is really comfortable. :)

on the group filter i set the Class of our "groups", what are "Distribution Lists" = "Verteilerlisten"... in the field with the groups are also all users listed... i don't expect that in a working assistent. it displays "12 groups found" but no "Fortfahren"... am i doing it wrong?

we don't need groups. we have'nt used it in the old LDAP App. here should be an option to not import any groups. i think not everyone has groups in ones ldap.

our E-Mail field is "mail". should i set it manually or is this standard or is this found automatically? tested with and without that...

so i click "Testkonfiguration" and get "Verbindungstest fehlgeschlagen. Die Konfiguration ist ungültig. Weitere Details können Sie in den Logdateien nachlesen." but there is nothing in the logs. using tail -f data/owncloud.log

if i activate the configuration under advanced and click save, there is no error message (-> it should work) but if i open the users backend, there is no user imported.

Server configuration

Ubuntu 12.04.3 LTS Apache/2.2.22 (Ubuntu) mysql Ver 14.14 Distrib 5.5.32 PHP 5.3.10-1ubuntu3.8

ownCloud 6.0 beta 4 (daily) 14.11.2013

@blizzz have you tested it successfully?

[blizzz]

in the field with the groups are also all users listed... i don't expect that in a working assistent.

Yes, it should not be like this. Which LDAP server do you use?

it displays "12 groups found" but no "Fortfahren"... am i doing it wrong?

No, you are done. I agree, there is nothing that tells you – yet. A PR is for an indicator that should resolve confusion is open: https://github.com/owncloud/core/pull/5772

we don't need groups. we have'nt used it in the old LDAP App.

Then don't select anything and you get no groups. That's why by default we do not pre-select anything.

our E-Mail field is "mail". should i set it manually or is this standard or is this found automatically?

So far, the email field is not set automatically. It needs to be determined by looking into some user objects. However, it is not necessarily set while there are at least two possible attributes. Maybe we implement it for 7. So: set it manually (Advanced Tab). For what the login filter concerns: there are two attributes that are usually used and they are simply OR-connected when the options is checked.

so i click "Testkonfiguration" and get "Verbindungstest fehlgeschlagen. Die Konfiguration ist ungültig. Weitere Details können Sie in den Logdateien nachlesen."

Mhmh, there should definitely be something. Which Log Level is set? It should be Info at least.

if i activate the configuration under advanced and click save, there is no error message (-> it should work)

The Save button should flash green on success.

@blizzz have you tested it successfully?

yes :)

[davidak]

in the field with the groups are also all users listed... i don't expect that in a working assistent.

Yes, it should not be like this. Which LDAP server do you use?

we use a Zimbra 7.2.0.4 it displays "12 groups found" but no "Fortfahren"... am i doing it wrong?

No, you are done. I agree, there is nothing that tells you – yet. A PR is for an indicator that should resolve confusion is open: #5772

if i'm done there schould be a save button. maybe numbering the steps 1.-4. like the checkout of a online store. but most use there now a single page checkout.

we should have a good workflow here.

we don't need groups. we have'nt used it in the old LDAP App.

Then don't select anything and you get no groups. That's why by default we do not pre-select anything.

ok, i deselect all. our E-Mail field is "mail". should i set it manually or is this standard or is this found automatically?

So far, the email field is not set automatically. It needs to be determined by looking into some user objects. However, it is not necessarily set while there are at least two possible attributes. Maybe we implement it for 7. So: set it manually (Advanced Tab). For what the login filter concerns: there are two attributes that are usually used and they are simply OR-connected when the options is checked.

i set mail in advanced. so i click "Testkonfiguration" and get "Verbindungstest fehlgeschlagen. Die Konfiguration ist ungültig. Weitere Details können Sie in den Logdateien nachlesen."

Mhmh, there should definitely be something. Which Log Level is set? It should be Info at least.

after the configuration is set, i try "Testkonfiguration" again, but get the error again.

Loglevel is 0 but nothing in the logfile.

if i activate the configuration under advanced and click save, there is no error message (-> it should work)

The Save button should flash green on success.

it does, every time. but nothing get's imported. @blizzz have you tested it successfully?

yes :)

good. with which server have you tested? — Reply to this email directly or view it on GitHub.

[blizzz]

in the field with the groups are also all users listed... i don't expect that in a working assistent.

Yes, it should not be like this. Which LDAP server do you use?

we use a Zimbra 7.2.0.4

Thx, maybe I come up with questions later.

it displays "12 groups found" but no "Fortfahren"... am i doing it wrong?

No, you are done. I agree, there is nothing that tells you – yet. A PR is for an indicator that should resolve confusion is open: #5772

if i'm done there schould be a save button. maybe numbering the steps 1.-4. like the checkout of a online store. but most use there now a single page checkout.

we should have a good workflow here.

There won't be a Save button, everything is saved automatically and immediately.

so i click "Testkonfiguration" and get "Verbindungstest fehlgeschlagen. Die Konfiguration ist ungültig. Weitere Details können Sie in den Logdateien nachlesen."

Mhmh, there should definitely be something. Which Log Level is set? It should be Info at least.

after the configuration is set, i try "Testkonfiguration" again, but get the error again.

Loglevel is 0 but nothing in the logfile.

I will check.

if i activate the configuration under advanced and click save, there is no error message (-> it should work)

The Save button should flash green on success.

it does, every time. but nothing get's imported.

Which makes sense if there is some configuration error as "Test Configuration" reports. Should have been logged…

@blizzz have you tested it successfully?

yes :)

good. with which server have you tested?

openLDAP and AD.

[davidak]

@blizzz i found errors in the owncloud admin backend, that are not in data/owncloud.log ... but there is now a owncloud.log in the root path of the owncloud-instance.

comes that with beta 4 or the daily build or my configuration?

 'log_type' => 'owncloud',
 'logfile' => 'owncloud.log',
 'loglevel' => '0',
 'logdateformat' => 'Y-m-d H:i:s',
 'ldapIgnoreNamingRules' => false,
 'theme' => '',
 'maintenance' => false,
);

_owncloud.log_

{"app":"user_ldap","message":"Wiz: g filter ","level":0,"time":"2013-11-15 13:08:20"}
{"app":"user_ldap","message":"Wiz: Final filter ","level":0,"time":"2013-11-15 13:08:20"}
{"app":"user_ldap","message":"Wiz: Final filter (|(objectclass=zimbraAccount))","level":0,"time":"2013-11-15 13:08:23"}
{"app":"user_ldap","message":"Wiz: g filter ","level":0,"time":"2013-11-15 13:08:23"}
{"app":"user_ldap","message":"Wiz: Final filter (|(objectclass=zimbraAccount))","level":0,"time":"2013-11-15 13:08:31"}
{"app":"user_ldap","message":"Wiz: Final filter (&(|(objectclass=zimbraAccount)))","level":0,"time":"2013-11-15 13:08:41"}
{"app":"user_ldap","message":"Wiz: g filter ","level":0,"time":"2013-11-15 13:08:47"}
{"app":"user_ldap","message":"Wiz: Final filter ","level":0,"time":"2013-11-15 13:08:48"}
{"app":"user_ldap","message":"Wiz: g filter ","level":0,"time":"2013-11-15 13:08:49"}
{"app":"user_ldap","message":"No group filter is specified, LDAP group feature will not be used.","level":1,"time":"2013-11-15 13:09:01"}
{"app":"user_ldap","message":"Configuration Error (prefix ): login filter does not contain %uid place holder.","level":2,"time":"2013-11-15 13:09:01"}

this loglines especially the last should help you. :)

[blizzz]

i found errors in the owncloud admin backend, that are not in data/owncloud.log ... but there is now a owncloud.log in the root path of the owncloud-instance.

Sounds wrong to me.

comes that with beta 4 or the daily build or my configuration?

Is it a clean install? Maybe you adjusted your configuration before?

this loglines especially the last should help you. :)

Yes! :) Did you create the login filter manually? How does it look like?

[davidak]

@blizzz i installed it as 6 alpha 1 and updated several times to the daily build. so how clean would you describe that? :D

i set the config.php directly after install to have a readable time format. maybe 'logfile' => 'owncloud.log', sets the path too in 5.0.13 and not only the name? i think i don't need this line...

it's the same with another instance installed as 5.0.12 EE and updated to 5.0.13 but on another instance still with 5.0.12 EE is only data/owncloud.log

so this IS another error of 5.0.13 and beyond... i will report it in another issue. :)

Did you create the login filter manually? How does it look like?

no. i select it from the list.

like you also see in the logs it looks like (|(objectclass=zimbraAccount)).

[blizzz]

in the field with the groups are also all users listed... i don't expect that in a working assistent.

Yes, it should not be like this. Which LDAP server do you use?

we use a Zimbra 7.2.0.4

Thx, maybe I come up with questions later.

When determining the groups, objects are filtered for the objectClasses "posixGroup" and "group". If this does not return any match, we look for anything, so use the * wildcard. That's probably what happened here.

Which objectClass is used for groups in Zimbra? zimbraGroup or something like this?

[blizzz]

Regarding you log issue (if not resolved) remove it from the config.php, the default is definitely put into the data dir.

[davidak]

Groups in Zimbra are Distribution Lists (= E-Mail Verteilerlisten), objectClass: "zimbraDistributionList".

[blizzz]

Do you mind testing https://github.com/owncloud/core/pull/5979 ?

[davidak]

1. Updated to daily-build. ownCloud 6.0 beta 5 (daily)
2. applied patch once again.
3. delete LDAP-Configuration
4. set host
5. set BASE DN
6. wait until port is automatically found
7. "Fortsetzen"
8. found 76 users what is right without set objectClass, "Configuration OK" -> (|(objectclass=person))
9. set right objectClass -> (|(objectclass=zimbraAccount)) -> "Configuration incorrect"
10. "Fortsetzen"
11. set "LDAP-Benutzername" to Login-Name
12. "Fortsetzen"
13. 0 groups found by default but right groups in the Dropdown "Nur von diesen Gruppen:"
14. set objectClass to "zimbraDistributionList" -> still 0 groups found, Original-Filter field empty ...

same if i let the Users objectClass empty ... no users get imported.

nothing related in owncloud.log.

[blizzz]

Works for me without problem. You need to wait a little bit (1-2 seconds, depends on the whole setup) until the result is returned.

[blizzz]

Fixed by https://github.com/owncloud/core/pull/5979

If you still see the amount of groups not updating, please open a new report.