Try the fastest and simplest way to install ONLYOFFICE

[Solved] LDAP : Mail Entry

Tech support for Enterprise Version

[Solved] LDAP : Mail Entry

Postby kiar » Thu Jan 05, 2017 2:59 pm

Hello,

The Ldap Authenticator Module is for us very useful, but since the last update, the procedure for the email entry changes.
Now it is in the form : USERNAME@LDAPDOMAIN, and it overrides the mail attribute of Ldap.

That's a big problem for us, since the email USERNAME@LDAPDOMAIN doesn't exist in our company.
It would be great to use the mail attribute of Ldap ( when given ), and let USERNAME@LDAPDOMAIN as a default value if the mail attribute is not given.

Regards
Last edited by kiar on Wed Jan 25, 2017 9:14 am, edited 1 time in total.
kiar
 
Posts: 23
Joined: Tue Oct 04, 2016 7:31 am

Re: LDAP : Mail Entry

Postby Maxim » Fri Jan 06, 2017 7:40 am

Hello kiar!
We had bug with LDAP but now in last release we have fixed it.
1 Please update your Enterprise
2 In Control Panel you will see "Synchronize" button. After synchronization real email will be placed instead of USERNAME@LDAPDOMAIN.
How to update Enterprise Edition to the latest version see here
Maxim
 
Posts: 495
Joined: Tue Oct 11, 2016 2:34 pm

Re: LDAP : Mail Entry

Postby kiar » Fri Jan 06, 2017 11:17 am

Hello Maxim,

Thanks for your answer.

Maxim wrote:1 Please update your Enterprise
2 In Control Panel you will see "Synchronize" button. After synchronization real email will be placed instead of USERNAME@LDAPDOMAIN.
How to update Enterprise Edition to the latest version see here


I've done the update ( CP 1.6.1.106, CS 8.9.2.25 ) and the synchronization, but unfortunately the email entries are not updated, and I still see USERNAME@LDAPDOMAIN for all users in the people list.
It is not clear, if it indicates the username or the email ( s. attachement )

tk_001.png
People List
tk_001.png (10.12 KiB) Viewed 342 times


When I try to modify an user, I see the correct email in the profil, but the notifications are sent to the wrong email USERNAME@LDAPDOMAIN when I share a document.
I just tried to share a document to an user, and the mail don't come, and I see in the logs from my email server :

Code: Select all
Jan  6 12:14:30 mailserver postfix/smtpd[32630]: NOQUEUE: reject: RCPT from notify.onlyoffice.info[52.10.60.225]: 554 5.7.1 <kiar@accounts.example.net>: Relay access denied; from=<postman@notify.onlyoffice.info> to=<kiar@accounts.example.net> proto=ESMTP helo=<notify.onlyoffice.info>


The right email in our ldap database is NAME@example.net.
kiar
 
Posts: 23
Joined: Tue Oct 04, 2016 7:31 am

Re: LDAP : Mail Entry

Postby Maxim » Tue Jan 10, 2017 7:18 am

Hello!
So try this
1 Make sure that every user who was added with LDAP has field "Mail" (if there is no such field you should add)=>you can check it with LDAPAdmin
2 Go to Control Panel=>LDAP
3 Click the link LDAP Settings=>Show
4 Replace uid to mail in Login Attribute field
5 Click SAVE

After synchronization users will be able to login by email and notification will be send to emails.
WARNING! Before doing this instruction you should make BACKUP cause the users who were added earlier without field "MAIL" will be deleted.
Maxim
 
Posts: 495
Joined: Tue Oct 11, 2016 2:34 pm

Re: LDAP : Mail Entry

Postby kiar » Tue Jan 10, 2017 7:42 am

Hello Maxim,

Thanks for your help !
It throwns an error "Login Attribute not valid".
And I just saw yesterday that I can't deactivate or delete an user anymore.
kiar
 
Posts: 23
Joined: Tue Oct 04, 2016 7:31 am

Re: LDAP : Mail Entry

Postby Maxim » Tue Jan 10, 2017 7:49 am

Kiar please show me (or send me to support@onlyoffice.com or send a private message to me) screenshot with your LDAP settings.
Maxim
 
Posts: 495
Joined: Tue Oct 11, 2016 2:34 pm

Re: LDAP : Mail Entry

Postby kiar » Tue Jan 10, 2017 8:01 am

There the screenshots from our ldap settings, I just changed the domain :

- Sync works

- Auth works

But :

- Mail attribute is false ( login@accounts.domain.net instead of name@domain.net )

- I can't deactivate or delete an user anymore

Thanks for your help !

tk_002.png
tk_002.png (28.85 KiB) Viewed 320 times


tk_003.png
tk_003.png (22.23 KiB) Viewed 320 times
kiar
 
Posts: 23
Joined: Tue Oct 04, 2016 7:31 am

Re: LDAP : Mail Entry

Postby Maxim » Tue Jan 10, 2017 9:27 am

Kiar please try once again to copy the value from field "mail" to field "uid" as it is (with a lower case).
according to your
I can't deactivate or delete an user anymore
from LDAP new version you can manage users in LDAP catalog only. If you want to delete user from portal you need to delete him from LDAP and than synchronize.
Maxim
 
Posts: 495
Joined: Tue Oct 11, 2016 2:34 pm

Re: LDAP : Mail Entry

Postby kiar » Tue Jan 10, 2017 9:37 am

Maxim wrote:Kiar please try once again to copy the value from field "mail" to field "uid" as it is (with a lower case).


Done, with the same attribute error.

Maxim wrote:according to your
I can't deactivate or delete an user anymore
from LDAP new version you can manage users in LDAP catalog only. If you want to delete user from portal you need to delete him from LDAP and than synchronize.


Ok, it's pretty logical.
I can also use ldap filter.
kiar
 
Posts: 23
Joined: Tue Oct 04, 2016 7:31 am

Re: LDAP : Mail Entry

Postby Maxim » Tue Jan 10, 2017 12:16 pm

Kiar please send us API log and WEB log in app/onlyoffice/CommunityServer/logs/
Maxim
 
Posts: 495
Joined: Tue Oct 11, 2016 2:34 pm

Next

Return to Enterprise Version

Who is online

Users browsing this forum: No registered users and 2 guests