Closed Bug 387056 Opened 17 years ago Closed 12 years ago

Unable to create an account when in LDAP mode

Categories

(Bugzilla :: User Accounts, defect)

Product:
Bugzilla
Component:
User Accounts
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 51191

People

(Reporter: altlist, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4
Build Identifier: 

Bugzilla normally auto-creates accounts when I'm using LDAP.  However, sometimes I would like to create additional accounts, such as email addresses for mailing lists.  For these, a person won't be login in as that mailing list email.

In this situation, Bugzilla complains about the password being too short, even though such a password field doesn't show up on the edit-user page. 

Ideally, bugzilla should probably just create a random password string?

Reproducible: Always
Not sure I understand correctly. What prevents an admin from creating additional accounts using editusers.cgi?
When I'm using LDAP, the editusers.cgi doesn't display a "password" field.  So when I attempt to create a new user, it complains that the password value is too short.  My short-term solution is to add a hidden "password" input field with a random password value.
Are you in LDAP,DB mode? Because in just plain LDAP mode, of course you can't create accounts.
Version: unspecified → 3.0
Max, i just switched from mode "DB" to mode "LDAP" and can create new accounts (including password) just fine. Should this be disabled completly when using LDAP only?
(In reply to comment #3)
> Are you in LDAP,DB mode? Because in just plain LDAP mode, of course you can't
> create accounts.
> 

I'm using LDAP,DB mode.

And please don't disable new account creation in this mode.  Or rather, this is how I'm adding email addresses for mailing lists and aliases, as people are unable to login as those mailing lists.

I even added a "nobody" account.

Thanks,
Albert
(In reply to comment #4)
> Max, i just switched from mode "DB" to mode "LDAP" and can create new accounts
> (including password) just fine. Should this be disabled completly when using
> LDAP only?

  Yes, it probably should be disabled entirely. I think we might even have a bug for that, or may have already fixed it for 3.0.1. I think ghendricks or somebody at Novell dealt with something about it.

(In reply to comment #5)
> And please don't disable new account creation in this mode.

  Don't worry, we wouldn't. That's the whole point of LDAP,DB. :-)
If creating new accounts will be completly disabled, how can an admin control who has access to bugzilla and who hasn-t when using LDAP-mode? 
There is a "createemailregexp" parameter which, if left blank, prevents self-registration for new users. This parameter works fine in DB-Mode but has no effect when using LDAP-mode (just tested it) so i have no chance to grant access only to certain users when using LDAP-mode?
I thought LDAP would only be used for password verification, not as an replacement for the user-db in bugzilla ...
Users can't create accounts in LDAP-only mode.
Users can login with any valid LDAP-Account when using LDAP-only-mode, account is auto-created. Tested in 3.0, probably changed in versions >3.0 ?
(In reply to comment #9)
> Users can login with any valid LDAP-Account when using LDAP-only-mode

  Yes, but they didn't *create* that account, in my terminology. :-) It already existed in LDAP.

  You can use the LDAPfilter parameter to limit who can create accounts or log in using LDAP.
In LDAP-only mode, Bugzilla refuses to create a new account because this means it should create it in the LDAP server, which Bugzilla is currently unable to do, see bug 51191.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
For the record, this ticket is on creating user accounts in Bugzilla, without creating the associated LDAP account.  In my case, I needed to add mailing lists accounts that were already in LDAP.

As it turns out, much has changed such that this is no longer an issue in Bugzilla 5.0
You need to log in before you can comment on or make changes to this bug.