EspoCRM 4.2.0 released

tarasm · 08-16-2016, 01:54 PM

I will add this fix. Thanks

Maho · 08-16-2016, 01:49 PM

Ahh I figuered it out.
There is an Option on the Zendadapter as I expected.

Code:

 protected function findLdapUserDnByUsername($username)
    {
        $ldapClient = $this->getLdapClient();
        $options = $this->getUtils()->getOptions();

        $loginFilterString = '';
        if (!empty($options['userLoginFilter'])) {
            $loginFilterString = $this->convertToFilterFormat($options['userLoginFilter']);
        }

        $searchString = '(&(objectClass='.$options['userObjectClass'].')('.$options['userNameAttribute'].'='.$username.')'.$loginFilterString.')';
        $result = $ldapClient->search($searchString, null, LDAP\Client::[COLOR=#FF0000]SEARCH_SCOPE_SUB[/COLOR]);
        $GLOBALS['log']->debug('LDAP: user search string: "' . $searchString . '"');

        foreach ($result as $item) {
            return $item["dn"];
        }
    }

This one is set to "SEARCH_SCOPE_ONE" by default.
I suggest to make this available in the UI as well.

500 Internal Server Error

https://framework.zend.com/manual/1.11/de/zend.ldap.api.html

Maho · 08-16-2016, 01:18 PM

Yes I tried this option then the debugger tells me again "user not found"
The Structure in my case lloks like this

so all users shall have access. For me it looks like it is not resolving the hirachy.
I tried to google for some information about the zend adapter. but since i am not a programmer I got stuck.
I guess there is a parameter in the adapter to tell him serching through the hirachy

tarasm · 08-16-2016, 12:51 PM

Did you try "OU=Department,OU=Company,DC=xxxx,DC=xx xx"? Yes, this bug fixed and will be add to the new release.
In my case, I have the following structure:

My base dn is "cn=users-group,ou=users,dc=espo,dc=local".

Maho · 08-16-2016, 11:52 AM

ok I played a little bit arround.
so if I am typing the full "basedn" which in the case of my user "OU=OU-Mitarbeiter,OU=Department,OU=Company,DC=xxxx,DC=xx xx" it works fine.
but if I want to give access to everybody in the company by using only "OU=Company,DC=xxxx,DC=xxxx" it says user not found.
so is this a bug or is that how its suppose to be? because from my point of view the case of giving the company access should be valid?

btw I found another small bug in the fieldmapping that should be fixed in the next update.

Code:

protected $ldapFieldMap = array(
        'userName' => 'userNameAttribute',
        'firstName' => 'userTitleAttribute',
        'lastName' => 'userFirstNameAttribute',
        'title' => 'userLastNameAttribute',
        'emailAddress' => 'userEmailAddressAttribute',
        'phoneNumber' => 'userPhoneNumberAttribute',
    );

tarasm · 08-16-2016, 10:09 AM

Did you define the user "Base DN" or "User Login Filter"? More information about configuring LDAP https://github.com/espocrm/documenta...thorization.md

Maho · 08-16-2016, 09:33 AM

Just updated to 4.2.2 and having the same issue with Ldap on AD.

Code:

[2016-08-16 09:26:17] Espo.DEBUG: LDAP: user search string: "(&(objectClass=user)(SamAccountName=me_user))" [] []
[2016-08-16 09:26:17] Espo.DEBUG: Found DN for [me_user]: []. [] []
[2016-08-16 09:26:17] Espo.ERROR: LDAP: Authentication failed for user [me_user], details: user is not found. [] []

Connection test works fine.
checkt several options with Userpricipalname and account canonical form.

any ideas?

tarasm · 08-15-2016, 02:00 PM

The problem was in objectClass attribute, for LDAP it is "inetOrgPerson". Now, in 4.2.2 added possibility to define the objectClass attribute on LDAP setting page.

markopraakli · 08-15-2016, 06:17 AM

Originally posted by markopraakli

[2016-08-12 12:26:43]Seems like it does not found DN

Thaks confirmed. I wrote workaround DN bindings for each user, and returning correct dn for user, then it works. Can you try yourself to authenticate with OpenLDAP?

markopraakli · 08-12-2016, 12:28 PM

[2016-08-12 12:26:43] Espo.DEBUG: LDAP: user search string: "(&(objectClass=user)(uid=myuser))" [] []
[2016-08-12 12:26:43] Espo.DEBUG: Found DN for [myuser]: []. [] []
[2016-08-12 12:26:43] Espo.ERROR: LDAP: Authentication failed for user [myuser], details: user is not found. [] []

Seems like it does not found DN but If i'll try to search manually with same filter and basedn then i found a user.

tarasm · 08-12-2016, 12:17 PM

Originally posted by markopraakli

Also I found an problem with OpenLDAP after upgrading 4.1.6 to 4.2.0 LDAP authentication not work with OpenLDAP.

What the problem is? Please check your log file. If no errors, please enable DEBUG mode.

markopraakli · 08-12-2016, 12:09 PM

Also I found an problem with OpenLDAP after upgrading 4.1.6 to 4.2.0 LDAP authentication not work with OpenLDAP.

yuri · 08-12-2016, 09:54 AM

Hi,

It's possible but not so easy. You can remove your entity and create new one. Create fields, relations with keeping their names and types.

markopraakli · 08-12-2016, 08:58 AM

Hi

How is possible to change current Base entity to Event entity. This is needed because I would like to show existing entity entries in calendar or is there some migration tool which can convert entity data?

islam.ahmed.2212 · 08-09-2016, 08:54 AM

thnx problem resolved after upgrade

EspoCRM 4.2.0 released

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment: