Open Bug 51191 Opened 24 years ago Updated 6 years ago

[LDAP] Bugzilla should be able to create new accounts in LDAP

Categories

(Bugzilla :: User Accounts, enhancement, P3)


People

(Reporter: jmrobins, Unassigned)

In the current LDAP patches I've submitted, Bugzilla is unable to create a new 
LDAP account.  If a user tries to create a new account, they are informed 
instead to contact an LDAP administrator.

However, at some installations, the admins might not want to have to create a 
new LDAP account for each user themselves.  They might want to allow Bugzilla to 
do this.

This would require another operating parameter to determine whether Bugzilla can 
create a new account or not, some changes to createaccount.cgi to watch for this 
and deal with it appropriately, and probably a new method in globals.pl for 
actually creating the new LDAP account.
Blocks: 51182
Target Milestone: --- → Future
-> Bugzilla product
Assignee: tara → myk
Component: Bugzilla → User Accounts
Product: Webtools → Bugzilla
Version: other → unspecified
I had the same problem with my LDAP enabled Bugzilla.  To get around it I
created a function (in similar form to those already in CGI.pl) called

CGI.pl::

# Wed Aug 29 15:27:31 EDT 2001 ------------------ jlaska
# SUB:          LDAPemail_to_cn
# ARGUMENTS:    $email    - string
#               $LDAPconn - a valid LDAP connection, if NULL a new
#                           connection is created
# RETURNS:      $cn       - the cn (common name) stored in LDAP
sub LDAPemail_to_cn {
    my ($email,$LDAPconn) = (@_);
    my $LDAPserver        = Param("LDAPserver");
    my $LDAPport          = "389";  # default LDAP port
    my $dnEntry           = new Mozilla::LDAP::Entry();
    my $cn                = "";
    my $arg2_flag         = ($LDAPconn)?(1):(0);  # 1 if the caller passed a connection

    # is LDAP enabled by bugzilla?
    if ( Param("useLDAP") ) {

        # are the LDAP modules installed?
        if ( $have_ldap ) {
            # if a valid connection was not passed as an argument, we need to connect
            if ( !$LDAPconn ) {
                if ( $LDAPserver =~ /:/ ) {
                    ($LDAPserver, $LDAPport) = split(":",$LDAPserver);
                }

                # connect to the server
                $LDAPconn = new Mozilla::LDAP::Conn($LDAPserver,$LDAPport);
            }

            # without a connection there is nothing to search
            return $cn unless $LDAPconn;

            # search for user
            # ($email goes into the filter as-is, with no RFC 4515 escaping)
            my $filter  = "(". Param("LDAPmail") ."=$email)";

            if ( Param("LDAPadditional") ) {
               $filter = "(&$filter" . Param("LDAPadditional") . ")";
            }
            $dnEntry = $LDAPconn->search(Param("LDAPBaseDN"),"subtree", $filter);

            # if we found a LDAP DN for the email argument given, set the $cn and return
            if ( $dnEntry ) {
                $cn = @{$dnEntry->{cn}}[0];
            }

            # close only a connection opened here; a connection passed in
            # by the caller is left open for the caller to reuse
            if ( !$arg2_flag ) {
                $LDAPconn->close;
            }
        }
    }
    return $cn;
}

This function makes use of a Parameter I added to support installation
configurable LDAP filters in bug#122365.  The above function is then called from
globals.pl::DBNameToIdAndCheck().  This way, if a user is put on as a CC and
they don't exist in the database yet, it will go and grab their info from the
LDAP server.  The same is true for reassigning bugs, if the user hasn't ever
logged into bugzilla yet...it would grab their info from the LDAP server.  

globals.pl::DBNameToIdAndCheck

sub DBNameToIdAndCheck {
    my ($name, $forceok) = (@_);
    $name = html_quote($name);
    my $result = DBname_to_id($name);
    if ($result > 0) {
        return $result;
    }
    if ($forceok) {
        InsertNewUser($name, "");
        $result = DBname_to_id($name);
        if ($result > 0) {
            return $result;
        }
        print "Yikes; couldn't create user $name.  Please report problem to " .
            Param("maintainer") ."\n";
    } elsif ( Param("useLDAP") ) { # Are we using LDAP, if so add this user
        # search LDAP for the realname attached to the email addr
        my $realname = LDAPemail_to_cn($name);
        if ( $realname ) {
            InsertNewUser( $name, $realname );
            $result = DBname_to_id($name);
            if ($result > 0) {
                return $result;
            }
        } else {
            print "The email address <TT><font color=\"blue\">$name</font></TT> could not be found.  Either you\n";
            print "misspelled it, or the person does not exist in the w3 bluepages directory.\n";
            print "If you think the email address <TT><font color=\"blue\">$name</font></TT> " .
                "exists in the w3 bluepages directory, please report this problem to " .
                Param("maintainer") ."\n";
        }
    } else {
        print "\n";  # http://bugzilla.mozilla.org/show_bug.cgi?id=80045
        print "The name <TT>$name</TT> is not a valid username.  Either you\n";
        print "misspelled it, or the person has not registered for a\n";
        print "Bugzilla account.\n";
        print "<P>Please hit the <B>Back</B> button and try again.\n";
    }
    PutFooter(); # there was an error if this point has been reached, close the HTML
    exit(0);
}



I hope you find this helpful!  I certainly do :)
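
Added example, not part of the original comment or of Bugzilla's code: the search filter in LDAPemail_to_cn is built from a user-supplied address (a CC or assignee field), and html_quote() in DBNameToIdAndCheck escapes for HTML, not for LDAP filters, so the value should be escaped per RFC 4515 before it is interpolated. The helper names escape_filter_value and build_mail_filter are hypothetical, and 'mail' and '(objectClass=person)' stand in for Param("LDAPmail") and Param("LDAPadditional").

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Escape a value for use inside an LDAP search filter (RFC 4515):
# backslash, '*', '(', ')' and NUL become \XX hex escapes.
sub escape_filter_value {
    my ($value) = @_;
    $value =~ s/([\\*()\x00])/sprintf("\\%02x", ord($1))/ge;
    return $value;
}

# Build the same filter shape as LDAPemail_to_cn: (attr=value), optionally
# AND-ed with an administrator-supplied extra filter.
sub build_mail_filter {
    my ($attr, $email, $additional) = @_;

    # The attribute name comes from configuration; still refuse anything
    # that is not a plain attribute descriptor.
    die "bad attribute name\n" unless $attr =~ /^[A-Za-z][A-Za-z0-9-]*$/;

    my $filter = "($attr=" . escape_filter_value($email) . ")";
    if ( defined $additional && length $additional ) {
        $filter = "(&$filter$additional)";
    }
    return $filter;
}

# Constructed sample inputs: an ordinary address and a value that carries
# filter metacharacters.
my @samples = ('jdoe@example.com', 'x*)(cn=*');

for my $email (@samples) {
    my $naive = "(mail=$email)";   # what plain interpolation produces
    my $safe  = build_mail_filter('mail', $email, '(objectClass=person)');
    print "input:   $email\n";
    print "naive:   $naive\n";
    print "escaped: $safe\n\n";
}
```

With the escaped form, the second sample is matched as a literal mail value instead of changing the structure of the filter.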
i've read through the comments on this bug, and it seems that james is hitting
on a slightly different problem than what the bug was originally created to
address...

myk: wants to add a feature that gives bugzilla the ability/power to add a user
to LDAP when LDAP does not already contain a user's information

james: developed code that lets someone add someone to the bugzilla DB using
information pulled from LDAP when a user doesn't already exist in profiles

maybe james' response should be another bug with a summary that looks something
like: "cannot add user in LDAP mode if user has not logged in once"

either way, james' post was very helpful, but i wouldn't have found it unless i
read through an otherwise irrelevant bug.
went ahead and created a new bug to adress a similar but different issue as
described by james below.  see bug 201069.
that's "address" and it's above, not below... =/  i'm tired, sorry.
QA Contact: mattyt-bugzilla → default-qa
No longer blocks: 51182
Just to clarify the purpose of this bug: LDAP can already create new Bugzilla accounts in the DB.

We want Bugzilla to be able to create new accounts in LDAP.
Assignee: myk → user-accounts
Summary: With LDAP, Bugzilla should be able to create new accounts. → [LDAP] Bugzilla should be able to create new accounts in LDAP
Target Milestone: Future → ---
Flags: needinfo?(user-accounts)
Was this a question?
Flags: needinfo?(user-accounts)