Skip Menu |

This queue is for tickets about the RT-Extension-LDAPImport CPAN distribution.

Report information
The Basics
Id: 114975
Status: new
Priority: 0/
Queue: RT-Extension-LDAPImport

People
Owner: Nobody in particular
Requestors: ktm [...] rice.edu
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: LDAP Mapping different users to same id when they have an empty Email address
Date: Wed, 1 Jun 2016 16:38:58 -0500
To: bug-RT-Extension-LDAPImport [...] rt.cpan.org
From: "ktm [...] rice.edu" <ktm [...] rice.edu>
Hi RT-Extension-LDAPImport developers, I would like to report that the LDAP import process would overwrite existing users with already unique names with users with a completely different name when the emailaddress was empty. If the Email address is not there, then the existing name should be used to determine the mapping. I had to comment out the following lines to keep the users correct during the import process: --- LDAPImport.pm_ORIG 2016-05-18 13:13:36.902798407 -0500 +++ LDAPImport.pm_preDATEOPT 2016-06-01 15:59:36.845963080 -0500 @@ -906,9 +906,10 @@ my $user_obj = RT::User->new($RT::SystemUser); $user_obj->Load( $user->{Name} ); - unless ($user_obj->Id) { - $user_obj->LoadByEmail( $user->{EmailAddress} ); - } + # Do not try to load by EmailAddress if Name/uid does not exist - ktm 20160517 + #unless ($user_obj->Id) { + # $user_obj->LoadByEmail( $user->{EmailAddress} ); + #} return $user_obj; } This ticket looks like a duplicate of the existing ticket #105246. Another part of this report is an enhancement request to the rtldapimport script to allow it to take a timestamp as an option that will be applied to the filter condition to enable a simple cron job to keep the RT database in sync with the LDAP directory. Here is the adjusted usage for the changes that I have made to allow that to work: ./rtldapimport: [--debug] [--import] [--help] --help This usage statement. --debug Enable debugging. --import Do the import. --no-users Skip users. --no-groups Skip groups. --timestamp t Add modifyTimestamp-based filter to LDAPFilter The arg t is a number followed by a period letter: (s)econds, (m)inutes, (h)ours and (d)ays or z, in which case it is a full Zulu LDAP timestamp and will be used instead: YYYYMMDDHHMMSSz. It adds the additional LDAP filter criterion: Show quoted text
modifyTimestamp>=(currenttime - t) for (smhd) modifyTimestamp>=yyyymmddhhmmssZ for (z)
I have attached patches for rtldapimport and LDAPImport.pm and make them available with no restrictions. Regards, Ken

Message body is not shown because sender requested not to inline it.

Message body is not shown because sender requested not to inline it.