SiT! Bugs

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001740SiT!LDAPpublic2011-12-01 09:092013-02-10 16:24
Reporterv0hkus 
Assigned To 
PrioritynormalSeverityminorReproducibilityalways
StatusacknowledgedResolutionopen 
PlatformLinuxOSLinuxOS Version2.6+later
Product Version3.65 LTS 
Target VersionFixed in Version 
Summary0001740: ldapSync action fails if a user on the LDAP server (treated as Customer contact) has no surname.
DescriptionldapSync action fails if a user on the LDAP server (treated as Customer contact) has no surname. When you add a contact to the local database through the administrative interface the fields "Forename" and "Surname" are required, but if you create users in AD for example surname is optional. No warnings or error messages are shown to the user. You need to examine the error log and then classes.inc.php to find out that the problem is in the function check_valid and empty surname.
TagsNo tags attached.
Attached Files

- Relationships
related to 0001759confirmed ldapSync fails if two users on the LDAP server (treated as Customer contact) have the same surname and no e-mail address 

-  Notes
User avatar (0004346)
ivan (administrator)
2011-12-03 10:23

As described this is not a 'block' bug, please see http://sitracker.org/wiki/Bugs#A_guide_to_bug_severity [^]
User avatar (0004353)
paulh (administrator)
2011-12-04 20:24

Unfortunately we require a surname within SiT (as otherwise finding contacts would be very difficult).

It is correct that no errors are feedback to the user, I'm not 100% sure how to achieve this unless we display an error to every logged in admin user?

I agree though a clearer error should be made in the error log regarding this
(0004355)
v0hkus (reporter)
2011-12-05 13:13

In AD there are 4 fields that refer to the username:

'name' - full name
'givenName' - first name
'sn' - surname
'displayName'

You require fields 'givenName' and 'sn' to be completed, but in AD users can exist with these fields blank and only 'name' field completed. SiT doesn't recognize this field and thus it leads to additional requirements for AD administrators as they must check all user accounts in AD and fill in missing information.

If we need both first name and surname an AD administrator should know that all users must have these fields filled in. It should be mentioned somewhere in the documentation and maybe on the LDAP configuration page.

Or maybe SiT can handle the 'name' field in AD when importing users from LDAP?
User avatar (0004356)
Tomse (developer)
2011-12-05 16:59

this might be a small detail, but to prevent confusion;
it's dangerous to call the user's name for username, as the username is the part to identify yourself to the system.

the username uses "sAMAccountName" in Windows AD.
(0004357)
v0hkus (reporter)
2011-12-05 17:16

You are right, Tomse.

I should use "real name" instead of "username". I didn't mean the user login itself (sAMAccountName).

- Issue History
Date Modified Username Field Change
2011-12-01 09:09 v0hkus New Issue
2011-12-03 10:23 ivan Note Added: 0004346
2011-12-03 10:23 ivan Severity block => major
2011-12-04 20:24 paulh Note Added: 0004353
2011-12-04 20:24 paulh Severity major => minor
2011-12-04 20:24 paulh Status new => acknowledged
2011-12-05 13:13 v0hkus Note Added: 0004355
2011-12-05 16:59 Tomse Note Added: 0004356
2011-12-05 17:16 v0hkus Note Added: 0004357
2013-02-10 16:24 paulh Relationship added related to 0001759


Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker