LDAP bridge; creating a user in ldap

rmacdonald · December 2, 2009, 11:08pm

Hi,

I was at Squiz last week and it came up in conversation that our ldap bridge says it's connected but complains about booleans when you try and expand to see any users.

It was suggested to me that I need to create an account in ldap called 'matrix' or something to kind of pull it all together. I was referred to the manual but I can't spot anything much like that.

Can someone tell me the page in the manual I need, or explain what I need to do?

gsherwood · December 3, 2009, 12:00am

Do you have any other information from the person you were talking to or maybe the error messages you are getting? I don't think I've see errors about boolean values before.

rmacdonald · December 3, 2009, 12:16am

The error is:
Could not load children: error while getting response: ldap_sort() expects parameter 2 to be resource, boolean givenFile: [SYSTEM_ROOT]/fudge/ldap/ldap.incLine:196

I was speaking with Damien, if he remembers.

Mark_Brydon · December 3, 2009, 12:30am

[quote]
The error is:

Could not load children: error while getting response: ldap_sort() expects parameter 2 to be resource, boolean givenFile: [SYSTEM_ROOT]/fudge/ldap/ldap.incLine:196

[/quote]

I’ve seen this before. A quick search… perhaps Bug Fix 3072 may be applicable to your system.

This particular report had to do with ampersands (&) in group or user names.

rmacdonald · December 3, 2009, 1:13am

No ampersands.

So you don't need to create a user called matrix in your active directory?

gsherwood · December 3, 2009, 1:32am

The only reasons you'd want to create a specific user is if the user you are connecting as does not have the same schema as the rest of the users. So you can't set the sorting rules correctly because the attributes of the user you are connecting as are not the same as regular users.

It sounds to me that something else is wrong and someone needs to get into your system and have a look at the internal LDAP errors that are being hidden from the interface. Probably best to contact Squiz support.

rmacdonald · December 3, 2009, 2:00am

I concur, thanks anyway!

warwick · June 11, 2010, 5:14am

Our LDAP bridge had been working perfectly for years… Recently we changed the "Bind DN" user, after which everything still seemed to work. Then we upgraded from Matrix 3.26.3 to 3.26.4

Now LDAP authentication doesn't work (though the bridge says it is "Connected"). The bridge doesn't expand to show members, and we get "ldap_sort() expects parameter 2 to be resource, boolean given".

I'm going to try and work what's going on … but I thought I'd post here because the error message is so similar to the others in this thread.

Warwick