I have users that are active in Redmine and Active Directory, but when the sync runs, it marks them as locked.

In our user entry we have an attrib "loginDisabled" = "true" or "lockedByIntruder"=true if account is locked.

Howto use this with the plugin?

Do i have do snyc via rake (eg on cron) by myself always, or is there antother auto sync (e.g by user logon)?
So with auto snyc by logon i only would need to rake sync once after first using the plugin and then diffs could be done wehne creating a user autoamciatlly on background.

When I click "Apply" button in "Administration -> Users" (to filter user list by username), Redmine gives 500 Internal Server Error.

Logged error in production.log:

NoMethodError (undefined method `call' for nil:NilClass):
  app/controllers/users_controller.rb:44:in `index'
  passenger (3.0.12) lib/phusion_passenger/rack/request_handler.rb:96:in `process_request'
  passenger (3.0.12) lib/phusion_passenger/abstract_request_handler.rb:513:in `accept_and_process_next_request'
  passenger (3.0.12) lib/phusion_passenger/abstract_request_handler.rb:274:in `main_loop'
  passenger (3.0.12) lib/phusion_passenger/classic_rails/application_spawner.rb:321:in `start_request_handler'
  passenger (3.0.12) lib/phusion_passenger/classic_rails/application_spawner.rb:275:in `send'
  passenger (3.0.12) lib/phusion_passenger/classic_rails/application_spawner.rb:275:in `handle_spawn_application'
  passenger (3.0.12) lib/phusion_passenger/utils.rb:479:in `safe_fork'
  passenger (3.0.12) lib/phusion_passenger/classic_rails/application_spawner.rb:270:in `handle_spawn_application'
  passenger (3.0.12) lib/phusion_passenger/abstract_server.rb:357:in `__send__'
  passenger (3.0.12) lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  passenger (3.0.12) lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  passenger (3.0.12) lib/phusion_passenger/abstract_server.rb:180:in `start'
  passenger (3.0.12) lib/phusion_passenger/classic_rails/application_spawner.rb:149:in `start'
  passenger (3.0.12) lib/phusion_passenger/spawn_manager.rb:219:in `spawn_rails_application'
  passenger (3.0.12) lib/phusion_passenger/abstract_server_collection.rb:132:in `lookup_or_add'
  passenger (3.0.12) lib/phusion_passenger/spawn_manager.rb:214:in `spawn_rails_application'
  passenger (3.0.12) lib/phusion_passenger/abstract_server_collection.rb:82:in `synchronize'
  passenger (3.0.12) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
  passenger (3.0.12) lib/phusion_passenger/spawn_manager.rb:213:in `spawn_rails_application'
  passenger (3.0.12) lib/phusion_passenger/spawn_manager.rb:132:in `spawn_application'
  passenger (3.0.12) lib/phusion_passenger/spawn_manager.rb:275:in `handle_spawn_application'
  passenger (3.0.12) lib/phusion_passenger/abstract_server.rb:357:in `__send__'
  passenger (3.0.12) lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  passenger (3.0.12) lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  passenger (3.0.12) helper-scripts/passenger-spawn-server:99

Redmine config:

• Redmine 1.4.4.stable
• Rails 2.3.14
• ruby 1.8.7
• Phusion Passenger 3.0.12
• nginx 1.3.5
• mysql 5.1
• Scientific Linux 6.1

Redmine is installed in subURI.

Hi there, i'm trying to use your plugin with redmine 1.2.1 and openldap.
I use posixAccount and posixGroup for my structure. So far so well.
But during import of accounts using the rake task, the plugin imports
wrong accounts. My "must be in group" is "redmine". The dump is this:

dn: cn=redmine,ou=groups,dc=escape-to-space,dc=de
cn: redmine
gidnumber: 1007
memberuid: steben
memberuid: gawain
memberuid: hastator
memberuid: spielkind
memberuid: haschiwu
memberuid: hagbard
memberuid: hawking
memberuid: ttest
objectclass: posixGroup

During sync, the accounts hagbard and haschiwu are not created, but in their place
the accounts valleyman and geist.
For the correctly created accounts, the association to their groups works correctly.

de:
ldap_domain_label_active: "Aktiv"
ldap_domain_label_groups_base_dn: "Gruppen DN"
ldap_domain_label_attr_groupname: "Gruppenname"
ldap_domain_label_groupname_filter: "Gruppen RexExpressiom"
ldap_domain_label_domain_group: "Domain group"

Helo!

I'm very happy user of your plugin. It worked like charm until today.
I'm using bitnami version of redmine (1.4.4) on windows 2008 server and 1.2.0 version of your plugin.

When invoking command
rake redmine:plugins:redmine_ldap_sync:sync_users RAILS_ENV=production

I get an error
Mysql::Error: Duplicate entry '6-5' for key 1: INSERT INTO groups_users (group_id, user_id) VALUES (6, 5)

So I explored table 'groups_users' with phpmyadmin and I can see that there is already one row with same values.

Because I have no knowlege in sql I did backup the database and then I truncated table 'groups_users' and voila: sync_users went fine.
But just for the first time. Second time (and ofcourse all the next) I get similar error Duplicate entry.

Can anybody advise me how to get rid of this error?

Hi,
I'm getting this error during sync for one user but I can't figure why.
My log looks like this :

-- Updating user 'user1'...
-- Updating user 'user2'...
-- Could not create user 'dummy1': "First name can't be blank", "Last name can't be blank", "Email can't be blank", "Login is invalid"
-- Could not create user 'dummy2': "Last name can't be blank", "Email can't be blank"
-- Could not create user 'dummy3': "Email can't be blank"
-- Updating user 'user3'...
rake aborted!
wrong argument type Hash (expected Regexp)
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:72:in match' /usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:72:indelete_matched'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:172:in call' /usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:172:insearch_dir'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:166:in foreach' /usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:166:insearch_dir'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:170:in search_dir' /usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:166:inforeach'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:166:in search_dir' /usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:170:insearch_dir'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:166:in foreach' /usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:166:insearch_dir'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:70:in delete_matched' /usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache.rb:520:ininstrument'
/usr/local/lib/ruby/gems/1.8/gems/activesupport-3.2.6/lib/active_support/cache/file_store.rb:68:in delete_matched' /var/www/redmine/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:329:inupdate_closure_cache!'
/var/www/redmine/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:98:in sync_users' /var/www/redmine/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:22 /var/www/redmine/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:20:ineach'
/var/www/redmine/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:20
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:in call' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:inexecute'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:in each' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:inexecute'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:158:in invoke_with_call_chain' /usr/local/lib/ruby/1.8/monitor.rb:242:insynchronize'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:151:in invoke_with_call_chain' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:144:ininvoke'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:116:in invoke_task' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:intop_level'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in each' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:intop_level'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:in standard_exception_handling' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:88:intop_level'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:66:in run' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:instandard_exception_handling'
/usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:63:in run' /usr/local/lib/ruby/gems/1.8/gems/rake-0.9.2.2/bin/rake:33 /usr/local/bin/rake:19:inload'
/usr/local/bin/rake:19
Tasks: TOP => redmine:plugins:redmine_ldap_sync:sync_users

Using the redmine-2.0 branch, when I click on the 'configure' link in Administration -> Plugins, i obtain a redmine 500 error.

The redmine logs are :

Started GET "/settings/plugin/redmine_ldap_sync" for xxx.xxx.xxx.xxx at Wed Sep 12 15:51:57 +0200 2012
Processing by SettingsController#plugin as HTML
Parameters: {"id"=>"redmine_ldap_sync"}
Rendered plugins/redmine_ldap_sync/app/views/settings/_ldap_sync_settings.html.erb (3.1ms)
Rendered settings/plugin.html.erb within layouts/admin (4.3ms)
Completed 500 Internal Server Error in 10ms

ActionView::Template::Error (undefined method fetch' for "":String): 10: " 11: %> 12: <% AuthSourceLdap.all.each_with_index do |ldap, i| -%> 13: <fieldset class="collapsible <%= 'collapsed' unless ldap.ldapsync_active? %>"> 14: <legend onclick="toggleFieldset(this);"><%= ldap.name %></legend> 15: <div <%= 'style="display:none"' unless ldap.ldapsync_active? %>> 16: app/models/user.rb:200:ineach_with_index'
app/views/settings/plugin.html.erb:6:in _app_views_settings_plugin_html_erb__445524284__630599948' app/views/settings/plugin.html.erb:4:in_app_views_settings_plugin_html_erb__445524284__630599948'

My config :
Redmine 2.0.3.stable
Rails 3.2.6
ruby 1.8.7

Is there any fix for that ?
Thanks

I configured this plugins on my redmine environment and it's fine. I would like to use group on my repository. Actually, i can configure only the repositiry by identifiant (user) but i would like the used repository by group.

By example, i have a project "Redmine"

Must use AD groups to which the user belongs. An example of a group associated with SVN.

Each project has an equivalent group in AD. Eg: If the user is in the group redmine_R, it will read-only access to the source code of the project redmine. If the user is in the group redmine_RW, it will have access to read and write the source code of the project redmine. If the user is not in the group or redmine_R redmine_RW, it does have access to any source code of this project.

It's possible to configure my redmine environment and my plugins LDAPSYNC to use group on my repository

Thank you very much for your help!

Hi all,

I configured a cron job to synchronize LDAP users, but I am getting the following error:

** Invoke redmine:plugins:redmine_ldap_sync:sync_users (first_time)
** Invoke environment (first_time)
** Execute environment
** Execute redmine:plugins:redmine_ldap_sync:sync_users
rake aborted!
interning empty string
/opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/entry.rb:99:in intern' /opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/entry.rb:99:in[]'
/opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:277:in renamed_attrs' /opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:268:inldap_search'
/opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:634:in search' /opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1175:insearch'
/opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1144:in loop' /opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1144:insearch'
/opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:632:in search' /opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:269:inldap_search'
/opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:239:in find_all_groups' /opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:165:ingroups_changes'
/opt/bitnami/apps/redmine/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:544:in open' /opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:145:ingroups_changes'
/opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:15:in sync_groups' /opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:70:insync_users'
/opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:47:in each' /opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:47:insync_users'
/opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:8
/opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:6:in each' /opt/bitnami/apps/redmine/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:6 /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:incall'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:in execute' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:ineach'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:in execute' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:158:ininvoke_with_call_chain'
/opt/bitnami/ruby/lib/ruby/1.8/monitor.rb:242:in synchronize' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:151:ininvoke_with_call_chain'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:144:in invoke' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:116:ininvoke_task'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in top_level' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:ineach'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in top_level' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:instandard_exception_handling'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:88:in top_level' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:66:inrun'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:in standard_exception_handling' /opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:63:inrun'
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/rake-0.9.2.2/bin/rake:33
/opt/bitnami/ruby/bin/rake:19:in `load'
/opt/bitnami/ruby/bin/rake:19
Tasks: TOP => redmine:plugins:redmine_ldap_sync:sync_users
Synchronizing AuthSource ED Production...
-- Updating user 'cosmos'...

-- Updating user 'manu'...

The fields I tried to synchronize are equally filled in user cosmos and manu.
Any tip about this? Or some more information maybe?

thanks for support!

Laurent

When I run the rake script to sync with my ldap I get

rake aborted!
undefined method `add_to_auth_source_group' for #User:0x7f6a64047d80

This happens when it's attempting to unlock an account that's currently locking in the Redmine database.

Trace Output:

** Execute environment
** Execute redmine:plugins:redmine_ldap_sync:sync_users
Synchronizing AuthSource syseng...
-- Updating user 'chad'...
rake aborted!
undefined method add_to_auth_source_group' for #<User:0x7fe3907eee58> /storage/drobo_id0/redmine-1.3.1/vendor/rails/activerecord/lib/active_record/attribute_methods.rb:260:inmethod_missing'
/storage/drobo_id0/redmine-1.3.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:12:in sync_groups' /storage/drobo_id0/redmine-1.3.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:70:insync_users'
/storage/drobo_id0/redmine-1.3.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:47:in each' /storage/drobo_id0/redmine-1.3.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:47:insync_users'
/storage/drobo_id0/redmine-1.3.1/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:8
/storage/drobo_id0/redmine-1.3.1/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:6:in each' /storage/drobo_id0/redmine-1.3.1/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:6 /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:incall'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:in execute' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:ineach'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:in execute' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:158:ininvoke_with_call_chain'
/usr/lib/ruby/1.8/monitor.rb:242:in synchronize' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:151:ininvoke_with_call_chain'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:144:in invoke' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:116:ininvoke_task'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in top_level' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:ineach'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in top_level' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:instandard_exception_handling'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:88:in top_level' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:66:inrun'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:in standard_exception_handling' /usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:63:inrun'
/usr/lib64/ruby/gems/1.8/gems/rake-0.9.2.2/bin/rake:33
/usr/bin/rake:19:in `load'
/usr/bin/rake:19
Tasks: TOP => redmine:plugins:redmine_ldap_sync:sync_users

I'm using Redmine 1.3.1 against OpenLDAP.

Any thoughts?

Thanks
Chad

Hello.

I have setup the plugin on two machines - Ubuntu desktop & server (12.04 LTS) the one notable difference being that desktop runs x32 and server x64.

Everything worked fine on the desktop, but with the same configuration of the plugin on the server I get the error shown bellow.

The native redmine LDAP settings on the server work as I can login with my Active Directory user and pass.

I would appreciate any help or tip.
If you need more info let me know.

I see that this problem was eminent before
http://www.redmine.org/issues/11447

with the difference that it happens on my server without any import.

Thanks.

mmilic@pswredmine:/var/www/redmine$ sudo rake redmine:plugins:redmine_ldap_sync:sync_users RAILS_ENV=production --trace
[sudo] password for mmilic:
** Invoke redmine:plugins:redmine_ldap_sync:sync_users (first_time)
** Invoke environment (first_time)
** Execute environment
** Execute redmine:plugins:redmine_ldap_sync:sync_users
Synchronizing AuthSource ITREZOR...
rake aborted!
"\x82" from ASCII-8BIT to UTF-8
/var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ber/core_ext/string.rb:23:in `encode'
/var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ber/core_ext/string.rb:23:in `raw_utf8_encoded'
/var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ber/core_ext/string.rb:15:in `to_ber'
/var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1396:in `block in search'
/var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1367:in `loop'
/var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1367:in `search'
/var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:637:in `search'
/var/www/redmine/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:277:in `ldap_search'
/var/www/redmine/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:269:in `find_all_users'
/var/www/redmine/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:131:in `ldap_users'
/var/www/redmine/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:41:in `sync_users'
/var/www/redmine/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:22:in `block (5 levels) in <top (required)>'
/var/www/redmine/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:20:in `each'
/var/www/redmine/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:20:in `block (4 levels) in <top (required)>'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/task.rb:227:in `call'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/task.rb:227:in `block in execute'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/task.rb:222:in `each'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/task.rb:222:in `execute'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/task.rb:166:in `block in invoke_with_call_chain'
/usr/lib/ruby/1.9.1/monitor.rb:211:in `mon_synchronize'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/task.rb:159:in `invoke_with_call_chain'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/task.rb:152:in `invoke'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:141:in `invoke_task'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:99:in `block (2 levels) in top_level'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:99:in `each'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:99:in `block in top_level'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:108:in `run_with_threads'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:93:in `top_level'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:71:in `block in run'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:158:in `standard_exception_handling'
/var/lib/gems/1.9.1/gems/rake-10.0.2/lib/rake/application.rb:68:in `run'
/var/lib/gems/1.9.1/gems/rake-10.0.2/bin/rake:37:in `<top (required)>'
/usr/local/bin/rake:19:in `load'
/usr/local/bin/rake:19:in `<main>'
Tasks: TOP => redmine:plugins:redmine_ldap_sync:sync_users
Synchronizing AuthSource ITREZOR...

If you've defined a group under 'Users must be a member of' for the synchronization actions, and have also defined 'Account disable test' criteria, the disable test does not function as expected.

A user matching the disable criteria will show up in the output from a sync:

-- Locked user 'disabled.user'

Later in the output however, this will appear:

-- Updating user 'disabled.user'...
-> activated: the user is a member of group 'required.group'

It seems the 'must be a member of' setting overrides any disable test, which is not desirable.

Automatic user creation fails with empty mandatory user custom fields, because of the validation.
To fix we can detect these fields and fill them with blank strings.

Hi ,

I'm trying to use redmine_ldap_sync with redmine 1.3.1 . My goal is to get some user from an openLDAP v3 ...
I use Ldap authentification ou=people,.. and it's working fine ..

I 've set up the redmine_ldap-sync to perform a search on ou=groups...

my openldap structure:

dn:
cn:
member : uid=surname.name,ou=people....

objectClass: groupOfNames

my redmine_ldap_sync

Group dn: ou=groups
user objectClass person
group objectclass = groupofname

groupsearch filter (cn=mygroup*)

group membership on group class
nested group disabled

attributs
groupname sn

memberusers member

memberid uid

I use wireshark to read the communication between redmine and ldap ...

Any of the search request are using the ou=group, ... groupbase DN.

all the search request are using the ou=people ... base name

result => after the script it's importing every user from the ldap without any filter

it seems than i don't even read the group base DN.

Is there any better way to find out which request is send to the openldap server

sincerly,

Jerry

An ldapauth, since revision 9241, doesn't require an admin or anonymous account to retrieve the user's details.

Since we require it for the rake task, we will have to ask for an account on the plugin's settings page.

Redmine 1.4 on Ubuntu, querying a MacOS OpenLDAP...

Version 1.2 of this plugin.

The following config works but says that all accounts are not members of "redmine" and locks them.

Is this a common issue that anyone has seen?

Groups base DN: cn=groups,dc=domain,dc=com
Users objectclass: person
Groups objectclass: posixGroup

Group Membership: On The Group Class

Groups name (group) cn
Member Users (group) memberUid
Memberid (user) dn

Users must be a member of: redmine

After updating the Redmine to revision 9241 I've get error

A ArgumentError occurred in account#login:

 wrong number of arguments (1 for 2)
 [RAILS_ROOT]/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:121:in 'get_user_dn'

When I change 121 line:
attrs = get_user_dn(user.login)
by:
attrs = get_user_dn(user.login, "")
error is gone.

Hello, I've finally managed to install the plugin.
Now I tried to start the first synchronization, after configuring plugin paramenters.

It seems that each user is skipped because apparently already existing somewhere else.
Should I have to configure something elsE?

Plugin settings page breaks on current Debian stable, because html_safe is not present there. See error:

Environment: redmine 1.1.2 from squeeze-backports, ruby 1.8, rails 2.3.5 from squeeze-main

ActionView::TemplateError (undefined method `html_safe' for "<label>Aktiv</label>":String) on line #17 of vendor/plugins/redmine_ldap_sync/app/views/settings/_ldap_sync_settings.html.erb:
14:   <legend onclick="toggleFieldset(this);"><%= ldap.name %></legend>
15:   <div <%= 'style="display:none"' unless ldap.ldapsync_active? %>>
16: 
17:     <p><%= ldap_check_box ldap.name, 'active' %></p>
18: 
19:     <fieldset class="collapsible">
20:       <legend onclick="toggleFieldset(this);"><%=l :text_ldap_settings %></legend>

vendor/plugins/redmine_ldap_sync/app/views/settings/_ldap_sync_settings.html.erb:17
/usr/lib/ruby/1.8/active_record/attribute_methods.rb:211:in `each_with_index'
vendor/plugins/redmine_ldap_sync/app/views/settings/_ldap_sync_settings.html.erb:12:in `each'
vendor/plugins/redmine_ldap_sync/app/views/settings/_ldap_sync_settings.html.erb:12:in `each_with_index'
vendor/plugins/redmine_ldap_sync/app/views/settings/_ldap_sync_settings.html.erb:12
/usr/lib/ruby/1.8/action_view/renderable.rb:34:in `send'
/usr/lib/ruby/1.8/action_view/renderable.rb:34:in `render'
/usr/lib/ruby/1.8/action_view/base.rb:306:in `with_template'
/usr/lib/ruby/1.8/action_view/renderable.rb:30:in `render'
/usr/lib/ruby/1.8/action_view/renderable_partial.rb:20:in `render'
/usr/lib/ruby/1.8/action_controller/benchmarking.rb:30:in `benchmark'
/usr/lib/ruby/1.8/action_view/renderable_partial.rb:19:in `render'
/usr/lib/ruby/1.8/action_view/template.rb:205:in `render_template'
/usr/lib/ruby/1.8/action_view/renderable_partial.rb:44:in `render_partial'
/usr/lib/ruby/1.8/action_view/partials.rb:184:in `render_partial'
/usr/lib/ruby/1.8/action_view/base.rb:267:in `render'
app/views/settings/plugin.rhtml:6:in `_run_rhtml_app47views47settings47plugin46rhtml'
/usr/lib/ruby/1.8/action_view/helpers/capture_helper.rb:36:in `call'
/usr/lib/ruby/1.8/action_view/helpers/capture_helper.rb:36:in `capture'
/usr/lib/ruby/1.8/action_view/helpers/capture_helper.rb:129:in `with_output_buffer'
/usr/lib/ruby/1.8/action_view/helpers/capture_helper.rb:36:in `capture'
/usr/lib/ruby/1.8/action_view/helpers/form_tag_helper.rb:466:in `form_tag_in_block'
/usr/lib/ruby/1.8/action_view/helpers/form_tag_helper.rb:39:in `form_tag'
app/views/settings/plugin.rhtml:4:in `_run_rhtml_app47views47settings47plugin46rhtml'
/usr/lib/ruby/1.8/action_view/renderable.rb:34:in `send'
/usr/lib/ruby/1.8/action_view/renderable.rb:34:in `render'
/usr/lib/ruby/1.8/action_view/base.rb:306:in `with_template'
/usr/lib/ruby/1.8/action_view/renderable.rb:30:in `render'
/usr/lib/ruby/1.8/action_view/template.rb:205:in `render_template'
/usr/lib/ruby/1.8/action_view/base.rb:265:in `render'
/usr/lib/ruby/1.8/action_view/base.rb:348:in `_render_with_layout'
/usr/lib/ruby/1.8/action_view/base.rb:262:in `render'
/usr/lib/ruby/1.8/action_controller/base.rb:1250:in `render_for_file'
/usr/lib/ruby/1.8/action_controller/base.rb:945:in `render_without_benchmark'
/usr/lib/ruby/1.8/action_controller/benchmarking.rb:51:in `render'
/usr/lib/ruby/1.8/action_controller/benchmarking.rb:51:in `render'
/usr/lib/ruby/1.8/action_controller/base.rb:1326:in `default_render'
/usr/lib/ruby/1.8/action_controller/base.rb:1332:in `perform_action_without_filters'
/usr/lib/ruby/1.8/action_controller/filters.rb:617:in `call_filters'
/usr/lib/ruby/1.8/action_controller/filters.rb:610:in `perform_action_without_benchmark'
/usr/lib/ruby/1.8/action_controller/benchmarking.rb:68:in `perform_action_without_rescue'
/usr/lib/ruby/1.8/action_controller/benchmarking.rb:68:in `perform_action_without_rescue'
/usr/lib/ruby/1.8/action_controller/rescue.rb:160:in `perform_action_without_flash'
/usr/lib/ruby/1.8/action_controller/flash.rb:146:in `perform_action'
/usr/lib/ruby/1.8/action_controller/base.rb:532:in `send'
/usr/lib/ruby/1.8/action_controller/base.rb:532:in `process_without_filters'
/usr/lib/ruby/1.8/action_controller/filters.rb:606:in `process'
/usr/lib/ruby/1.8/action_controller/base.rb:391:in `process'
/usr/lib/ruby/1.8/action_controller/base.rb:386:in `call'
/usr/lib/ruby/1.8/action_controller/routing/route_set.rb:437:in `call'
/usr/lib/ruby/1.8/action_controller/dispatcher.rb:87:in `dispatch'
/usr/lib/ruby/1.8/action_controller/dispatcher.rb:121:in `_call'
/usr/lib/ruby/1.8/action_controller/dispatcher.rb:130:in `build_middleware_stack'
/usr/lib/ruby/1.8/active_record/query_cache.rb:29:in `call'
/usr/lib/ruby/1.8/active_record/query_cache.rb:29:in `call'
/usr/lib/ruby/1.8/active_record/connection_adapters/abstract/query_cache.rb:34:in `cache'
/usr/lib/ruby/1.8/active_record/query_cache.rb:9:in `cache'
/usr/lib/ruby/1.8/active_record/query_cache.rb:28:in `call'
/usr/lib/ruby/1.8/active_record/connection_adapters/abstract/connection_pool.rb:361:in `call'
/usr/lib/ruby/1.8/action_controller/string_coercion.rb:25:in `call'
/usr/lib/ruby/1.8/rack/head.rb:9:in `call'
/usr/lib/ruby/1.8/rack/methodoverride.rb:24:in `call'
/usr/lib/ruby/1.8/action_controller/params_parser.rb:15:in `call'
/usr/lib/ruby/1.8/action_controller/session/cookie_store.rb:93:in `call'
/usr/lib/ruby/1.8/action_controller/failsafe.rb:26:in `call'
/usr/lib/ruby/1.8/rack/lock.rb:11:in `call'
/usr/lib/ruby/1.8/rack/lock.rb:11:in `synchronize'
/usr/lib/ruby/1.8/rack/lock.rb:11:in `call'
/usr/lib/ruby/1.8/action_controller/dispatcher.rb:106:in `call'
/usr/lib/ruby/1.8/rack/content_length.rb:13:in `call'
/usr/lib/ruby/1.8/rack/handler/fastcgi.rb:57:in `serve'
public/dispatch.fcgi:24

Hello,
I'm able to import my users from Active Directory.
I cannot do the same with groups, that are definitively not imported.
Does the rake script configures both?

IT would be really handy to have a ldap group search filter, so i can filter on ldap attributes, eg.
(&(cn={0})(OU=GR)(O=DV)(ObjectClass=groupOfNames))
The additional regexpress filter for names is use fully adittionally.

Error occours on trying to login after i configed ldap syn

F, [2011-08-05T09:43:04.458170 #4304] FATAL -- : 
ActiveRecord::SubclassNotFound (The single-table inheritance mechanism failed to locate the subclass: 'AuthSourceLdapAdvanced'. This error is raised because the column 'type' is reserved for storing the class in case of inheritance. Please rename this column if you didn't intend it to be used for storing the inheritance class or overwrite AuthSource.inheritance_column to use another column for that information.):
  app/models/user.rb:131:in `try_to_login_without_redmine_ldap_sync'
  app/controllers/account_controller.rb:147:in `password_authentication'
  app/controllers/account_controller.rb:142:in `authenticate_user'
  app/controllers/account_controller.rb:30:in `login'
  passenger (2.2.14) lib/phusion_passenger/rack/request_handler.rb:92:in `process_request'
  passenger (2.2.14) lib/phusion_passenger/abstract_request_handler.rb:207:in `main_loop'
  passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:441:in `start_request_handler'
  passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:381:in `handle_spawn_application'
  passenger (2.2.14) lib/phusion_passenger/utils.rb:252:in `safe_fork'
  passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:377:in `handle_spawn_application'
  passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:in `__send__'
  passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:in `main_loop'
  passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:196:in `start_synchronously'
  passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:163:in `start'
  passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:222:in `start'
  passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:262:in `spawn_rails_application'
  passenger (2.2.14) lib/phusion_passenger/abstract_server_collection.rb:126:in `lookup_or_add'
  passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:256:in `spawn_rails_application'
  passenger (2.2.14) lib/phusion_passenger/abstract_server_collection.rb:80:in `synchronize'
  passenger (2.2.14) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
  passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:255:in `spawn_rails_application'
  passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:154:in `spawn_application'
  passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:287:in `handle_spawn_application'
  passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:in `__send__'
  passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:in `main_loop'
  passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:196:in `start_synchronously'

I need some pointers on how to configure Ldap Sync with AD 2003

I am running brand new redmine 2.2 (windows 2008r2 bitnami flavor).
Ldap Sync 1.3 plugin installed. Thats it.
LDAP configuration configured and tested OK

I would like to sync my AD users that are members of group MAINGROUP, located in OU=MY OU,DC=DOMAIN,DC=COM

I setup that plugin as following:

Group base DN: dc=domain,dc=com
User objectclass: user --> default plugin settings
Groups objectclass: group --> default plugin settings
Group search filter: (memberof=cn=MAINGROUP,ou=MY OU,dc=DOMAIN,dc=COM)
Account disabled test: (default plugin settings)
Group membership: On the group class
Enable Nested groups: Disabled

next two setting revert to default after you click apply

Attributes Group name (group): samaccountname
Attributes Account flags (user): useraccountcontrol

Sync settings:

Create new users - checked
Sync users attributes - checked
Attributes to be synced: First Name, Last name, Email

when I ran
rake, system says "Synchronizing AuthSource domain.com" and exits back to command prompt.

Thanks.

Hello,

I test this week-end your new plugin version with Debian Squeeze / OpenLDAP ans Redmine 1.2.1 but I can't sync my groups.

This is my configuration :

must_be_member_of: ""
groups_base_dn: ou=groups,dc=*************,dc=net
create_groups: "yes"
group_search_filter: ""
class_group: posixGroup
create_users: "yes"
add_to_group: ""
groupname_pattern: ""
attr_member: memberUid
class_user: inetOrgPerson
attr_groupname: cn
active: "yes"

rake trace :

rake redmine:plugins:redmine_ldap_sync:sync_users RAILS_ENV=production --trace

** Invoke redmine:plugins:redmine_ldap_sync:sync_users (first_time)
** Invoke environment (first_time)
** Execute environment
** Execute redmine:plugins:redmine_ldap_sync:sync_users

Can I do something else for help you to debug ?

Thanks

Ran the rake task and all my users were imported without an issue, but the groups are empty.

The cn of one of my groups looks like
cn=Client Services,ou=people,dc=xyz,dc=com
which contains member
uid=adria.stapleton,ou=people,dc=xyz,dc=com
objectclass groupOfNames

groups base dn = ou=people,dc=xyz,dc=com
Group name attribute = cn
Members attribute = member
member id attribute = uid
Groups objectclass = groupOfNames
Users objectclass = person

I had this issue on 2008R2 server (bitnami install). I read closed issue that it was working on 32bit PC.

I build brand new server2003 R2 32bit system, but got exactly the same error.

I saw mentioning that there is a workaround to make it work; can I be pointed toward it :)

I am not big Ruby expert, so I may need a bit more help.

Thanks

I'm trying to install this plugin on a new Redmine 2.0.2 install - and getting the following error duing the migration. I think this is due to redmine2 using newer Rails - but I don't know enough about Rails to attempt a fix... Help?

$ RAILS_ENV=production rake redmine:plugins:migrate
rake aborted!
no such file to load -- dispatcher

Tasks: TOP => redmine:plugins:migrate => environment
(See full trace by running task with --trace)

Environment:
Redmine version 2.0.2.stable
Ruby version 1.8.7 (x86_64-linux)
Rails version 3.2.5
Environment production
Database adapter MySQL

My ldap repository (OpenDS) has attributes per user to indicate group membership. Using this would allow for nested group configurations from within ldap to automatically work in redmine.

part of the ldif from my ldap user:

dn: cn=Jelle Hissink,ou=Employees,dc=CodeWise,dc=nl
cn: Jelle Hissink
uid: jelle
givenName: Jelle
objectClass: person
isMemberOf: cn=CodeWise,ou=Employees,dc=CodeWise,dc=nl
isMemberOf: cn=redmine-users,ou=Groups,dc=CodeWise,dc=nl
isMemberOf: cn=Developers,ou=Groups,dc=CodeWise,dc=nl

I have no experience in ruby, but i think the groups_changes function in auth_source_ldap_patch.rb should be modified. I just don't have a clue how to start. otherwise I would have attached a patch.

Would be useful to be able to sync extended fields from ldap attributes into users extended profile.
See also my request on the plugins page for extended profile - http://projects.andriylesyuk.com/issues/2020

Would be great if this two plugins work together.

We lossing group memberships for users on every login and can't explain and how this descion is made based on our ldap sync config.
Is there andy debugging ouput which logs what and why its it syncec (create, udate; remove, deactivate, added,..)

Hello,
I recently deployed Redmine for my developers, and i have to tell you all Redmine is soooo much better thank Trac. Anyway deployment went fine i was able to set up LDAP Auth for my users, it works great with Subversion i was able to link Projects to Repos and so on.
One think left is to be able to sync LDAP groups with redmine. I installed plugin from 'https://github.com/thorin/redmine_ldap_sync' it is version 1.2.0 and when i run
rake redmine:plugins:redmine_ldap_sync:sync_users RAILS_ENV=production this is the output i get:
Synchronizing AuthSource Ldap Auth...
-- Updating user 'aturner'...
-- Updating user 'rwalker'...
-- Could not create user 'svntest': "Email can't be blank"
-- Updating user 'sgratzl'...
-- Updating user 'dpolak'...
-- Updating user 'aptashnik'...
-- Updating user 'tjoyce'...
-- Updating user 'vsardaryan'...
-- Updating user 'diorj'...

root@chi-repo-01 redmine]# RAILS_ENV=production script/about
About your application's environment
Ruby version 1.8.7 (x86_64-linux)
RubyGems version 1.4.2
Rack version 1.1
Rails version 2.3.14
Active Record version 2.3.14
Active Resource version 2.3.14
Action Mailer version 2.3.14
Active Support version 2.3.14
Edge Rails revision unknown
Application root /var/www/redmine
Environment production
Database adapter mysql
Database schema version 20110902000000

About your Redmine plugins
Redmine Logs plugin 0.0.3
Redmine - Ldap Sync 1.2.0

it does not look like it is syncing groups it syncs only users. Is there a trick to it please let me know i would love to get this done.
Please let me know if there is something that im missing.
Im using MS LDAP

Group name (group) * sAMAccountName

Account flags (user)

Groups (user) * isMemberOf

Groupid (group) * groups

Member groups (group) * memberof

Memberid (group) * distinguishedName

Thank you for all replies and help.

How can i import groups from two or more branchnes in my ldap?
e.g

S->R->T My Groups of type 1
S->Z-> My Groups of type 2

I took a stab at updating the following plugin to be 2.2 compatible: http://www.redmine.org/plugins/redmine_gemavatar

However, I'm not a RoR developer by any stretch of the imagination and failed miserably. I was thinking that the functionality it provides might be something nice to include in your plugin.

I'm trying to get redmine to sync against Lotus Notes LDAP. The groups in Lotus Notes Notes LDAP do not have a base dn, i.e. they are located in the root of the ldap tree. At the moment, I'm not able to get anything synced. I need a logging facility for the generated ldap query string for getting this to work (or a ready-to-cook recipe).
Can you tell me how to log the query strings?

You can add the settings plug-in ability to disable lock the account on the basis of UserAccountControl?
These flags are only available for Microsoft AD and does not support opening means in OpenLDAP.
And tell me, how in the current release, I can turn off this feature?
Thank you.

Add the option to select a group of which all users would be set as redmine administrators.

This would help with this issue: http://www.redmine.org/issues/9211

I'm running redmine 1.2.1 on ubuntu 10.04LTS. The plugin works perfectly but in the user interface of redmine, only the title of the section 'Synchronization Settings' shows up. I cannot set or see any of the settings under this group. I verified this behavior on chrome 13 and firefox 6. Any idea what could cause this behavior? If you like, I can send you a screenshot as well.

Regards.

Hi,

redmine_ldap_sync deactivates users marked as deactivated in LDap/AD. But often users are not marked as deactivated but deleted from ActiveDirectory and/or LDap. These users are not able to login, of course, but redmine tries to send them emails etc.pp.

I think there should be a possibility for a ldap-sync-task check user database against the synced ldap and if a user doesn't exists in any of the synchronized sources anymore this user should deactivated in redmine, too.

May that there should be a config option which would tell ldap-sync which groups of redmine users to check against ldap-source.

But this check against deleted users would be very helpfull.

Bye

p.s. it is a wonderful and usefull tool

It seems that LDAP sync plugin cannot associate the user if his LDAP login and his Redmine login are in different letter cases.

Easy to reproduce: LDAP login is "SomeUser", Redmine login is "someuser". Run the script. It always locks "someuser" in Redmine. When you change redmine login from "someuser" to "SomeUser", it works fine, and user is not locked on every run.

Since LDAP (at least in Active Directory) is case-insensitive, this comparison should be case insensitive too. Till then, I actually cannot use LDAP sync because of lots of already created users, all of them are in lowercase (it is our convention for redmine logins).

I have one user that gets a blank screen after login, here's the error:

Processing AccountController#login (for 10.0.1.61 at 2012-02-16 18:36:18) [POST]
Parameters: {"action"=>"login", "authenticity_token"=>"(removed)", "username"=>"abcdefgh", "
controller"=>"account", "password"=>"[FILTERED]", "login"=>"Login \302\273"}
User 'dmathews' created from external auth source: AuthSourceLdap - AD

ActiveRecord::RecordInvalid (Validation failed: Name is too long (maximum is 30 characters)):
app/controllers/account_controller.rb:147:in password_authentication' app/controllers/account_controller.rb:142:inauthenticate_user'
app/controllers/account_controller.rb:30:in login' passenger (2.2.14) lib/phusion_passenger/rack/request_handler.rb:92:inprocess_request'
passenger (2.2.14) lib/phusion_passenger/abstract_request_handler.rb:207:in main_loop' passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:441:instart_request_handler'
passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:381:in handle_spawn_application' passenger (2.2.14) lib/phusion_passenger/utils.rb:252:insafe_fork'
passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:377:in handle_spawn_application' passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:insend'
passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:in main_loop' passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:196:instart_synchronously'
passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:163:in start' passenger (2.2.14) lib/phusion_passenger/railz/application_spawner.rb:222:instart'
passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:262:in spawn_rails_application' passenger (2.2.14) lib/phusion_passenger/abstract_server_collection.rb:126:inlookup_or_add'
passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:256:in spawn_rails_application' passenger (2.2.14) lib/phusion_passenger/abstract_server_collection.rb:80:insynchronize'
passenger (2.2.14) lib/phusion_passenger/abstract_server_collection.rb:79:in synchronize' passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:255:inspawn_rails_application'
passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:154:in spawn_application' passenger (2.2.14) lib/phusion_passenger/spawn_manager.rb:287:inhandle_spawn_application'
passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:in __send__' passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:352:inmain_loop'
passenger (2.2.14) lib/phusion_passenger/abstract_server.rb:196:in `start_synchronously'

What do the 30 characters refer to? The group name? If so can that field length be increased or is that a redmine limitation? Update: I copied this user to another user and the copy works fine (so I don't think it's a problem with the groups). Does anyone have any ideas on what would be too long in AD?

Here are my settings:

LDAP settings (running this against AD)
Groups Base DN: dc=mydomain,dc=com
Users objectclass: user
Groups objectclass: group
Group membership: On the group class
Enable nested groups: Disabled

Attributes:
Group name (group): sAMAccountName
Account flags (user): userAccountControl
Member users (group): member
Memberid (user): dn

Synchronization Options:
Create new groups: [x]
Create new users: [x]
Sync user attributes: [x]

Attributes to by synced:
First name [x]
Last name [x]
Email [x]

Thanks.

I am currently using the Oct 26 revision on Redmine 2.1.2 on a Debian box, with ruby 1.9.3.

I stumbled upon the following bug when sync'ing users and nested groups :

Synchronizing AuthSource AD...
-- Updating user 'testuser'...
rake aborted!
can't convert Symbol into Integer
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:203:in []' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:203:inget_group_closure'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:188:in block (3 levels) in groups_changes' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:298:infetch'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:298:in fetch' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:187:inblock (2 levels) in groups_changes'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:186:in each' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:186:ininject'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:186:in block in groups_changes' /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:564:inopen'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:151:in groups_changes' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:15:insync_groups'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:76:in block in sync_users' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:52:ineach'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/redmine_ldap_sync/redmine_ext/auth_source_ldap_patch.rb:52:in sync_users' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:22:inblock (5 levels) in <top (required)>'
/usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:20:in each' /usr/local/share/redmine-2.1.2/plugins/redmine_ldap_sync/lib/tasks/sync_users.rake:20:inblock (4 levels) in <top (required)>'
/usr/lib/ruby/vendor_ruby/rake/task.rb:205:in call' /usr/lib/ruby/vendor_ruby/rake/task.rb:205:inblock in execute'
/usr/lib/ruby/vendor_ruby/rake/task.rb:200:in each' /usr/lib/ruby/vendor_ruby/rake/task.rb:200:inexecute'
/usr/lib/ruby/vendor_ruby/rake/task.rb:158:in block in invoke_with_call_chain' /usr/lib/ruby/1.9.1/monitor.rb:211:inmon_synchronize'
/usr/lib/ruby/vendor_ruby/rake/task.rb:151:in invoke_with_call_chain' /usr/lib/ruby/vendor_ruby/rake/task.rb:144:ininvoke'
/usr/lib/ruby/vendor_ruby/rake/application.rb:116:in invoke_task' /usr/lib/ruby/vendor_ruby/rake/application.rb:94:inblock (2 levels) in top_level'
/usr/lib/ruby/vendor_ruby/rake/application.rb:94:in each' /usr/lib/ruby/vendor_ruby/rake/application.rb:94:inblock in top_level'
/usr/lib/ruby/vendor_ruby/rake/application.rb:133:in standard_exception_handling' /usr/lib/ruby/vendor_ruby/rake/application.rb:88:intop_level'
/usr/lib/ruby/vendor_ruby/rake/application.rb:66:in block in run' /usr/lib/ruby/vendor_ruby/rake/application.rb:133:instandard_exception_handling'
/usr/lib/ruby/vendor_ruby/rake/application.rb:63:in run' /usr/bin/rake:27:in

Which I could fix in the following way, after a bit of debug/troubleshooting :

groupname = group[:groupname] || group

groupname = case group
when Hash
group[:groupname]
when String
group
else
group
end

It seems this code block receives mainly either a Hash with a value keyed by :groupname or a Net::BER::BerIdentifiedString, but the previous test was obviously failing as it was trying to index a string with a symbol... This probably worked until now due to implicit conversion of Symbol into Integer, which got revoked at some point :/

My ruby version for reference :
$ ruby -v
ruby 1.9.3p194 (2012-04-20 revision 35410) [x86_64-linux]

i installed the plugin as mention in the http://www.redmine.org/projects/redmine/wiki/Plugins url , but when i access via Administration -> Plugin -> configure

gives the following error , redmine-2.2.2

"The page you were trying to access doesn't exist or has been removed. "

and gives following error in redmine-2.1.2

The page you were trying to access doesn't exist or has been removed. "

and in production.log file

Started GET "/settings/plugin/redmine_ldap_sync" for 10.100.1.56 at Mon Jan 28 12:25:29 +0530 2013
Processing by SettingsController#plugin as HTML
Parameters: {"id"=>"redmine_ldap_sync"}
Current user: admin (id=1)
Rendered settings/plugin.html.erb within layouts/admin (3.8ms)
Missing template, responding with 404
Rendered common/error.html.erb within layouts/base (0.6ms)
Completed 404 Not Found in 38ms (Views: 21.2ms | ActiveRecord: 0.6ms)

Please check..

I Configured a group regexp
"OG_.*"

for DN

"OU=S,OU=GR, O=DV"

and no groups get imnpirted but i have 1304 Users in my domain group?
I only expexted to imported users, in domain group which also part of at least on newly created redmine group.

The description says: "A group to wich all the users created from this LDAP authentication will added upon creation."
The users should be created because the grioup criteria does not macht, but else there a re no new groups?

Hey there,

I really love your plugin. Would like to use it with stable redmine in debian, which is version 1.0.1.
Is Version 1.2.0 or higher really required?

rake db:migrate_plugins RAILS_ENV=production
(in /usr/share/redmine)
rake aborted!
redmine_ldap_sync plugin requires Redmine 1.2.0 or higher but current is 1.0.1.stable

(See full trace by running task with --trace)

thanks,

Trooner

Hello,

I am new to redmine and of course also to ldap sync. I installed redmine using the bitnami virtual machine. Then I installed redmine_ldap_sync using git clone ...

When I have installed ldap sync, the mongrel server does not come up. it fails initializing with this exception:
/opt/bitnami/ruby/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:452:in 'load_missing_constant': Expected /opt/bitnami/apps/redmine/app/models/user.rb to define User (LoadError)

The problem seems to come from redmine_ldap_sync/init.rb:23: in 'evaluate_init_rb'

Do you know what the problem could be?

Thank you very much,
best wishes
Simon

I'm running an redmine 1.2.1 with a MS Exchange.
In our LDAP there are (service)users that have no lastname.

"Create new users" is enabled

Rake output:
rake aborted!
Validation failed: Last name can't be blank, Last name is too long (maximum is 30 characters).

There's a filter option for groups.

Is it possible to add an filter for member-search (e.g. "(sn=*)" ), to exclude users with no lastname?

Best regards Tobias

We get following error message when running rake task:
rake redmine:plugins:redmine_ldap_sync:sync_users RAILS_ENV=p roduction --trace
(in /usr/local/lib/redmine-1.2.1)
** Invoke redmine:plugins:redmine_ldap_sync:sync_users (first_time)
** Invoke environment (first_time)
** Execute environment
** Execute redmine:plugins:redmine_ldap_sync:sync_users
rake aborted!
undefined method to_ber' for nil:NilClass /usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/fil ter.rb:206:into_ber'
/usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/fil ter.rb:214:in to_ber' /usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/fil ter.rb:214:inmap'
/usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap/fil ter.rb:214:in to_ber' /usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb: 1154:insearch'
/usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb: 1144:in loop' /usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb: 1144:insearch'
/usr/local/lib/redmine-1.2.1/vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb: 640:in search' /usr/local/lib/redmine-1.2.1/app/models/auth_source_ldap.rb:109:inget_user_dn'
/usr/local/lib/redmine-1.2.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_s ync/redmine_ext/auth_source_ldap_patch.rb:50:in sync_users' /usr/local/lib/redmine-1.2.1/vendor/rails/activerecord/lib/active_record/base.rb :1971:infind_or_create_by_login'
/usr/local/lib/redmine-1.2.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_s ync/redmine_ext/auth_source_ldap_patch.rb:49:in sync_users' /usr/local/lib/redmine-1.2.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_s ync/redmine_ext/auth_source_ldap_patch.rb:46:ineach'
/usr/local/lib/redmine-1.2.1/vendor/plugins/redmine_ldap_sync/lib/redmine_ldap_s ync/redmine_ext/auth_source_ldap_patch.rb:46:in sync_users' /usr/local/lib/redmine-1.2.1/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_use rs.rake:6 /usr/local/lib/redmine-1.2.1/vendor/plugins/redmine_ldap_sync/lib/tasks/sync_use rs.rake:6:ineach'

Hello,

I works with Debian Squeeze backports version of Redmine 1.1.2.stable (MySQL).
My users and groups are administrate in OpenLDAP 2.4.

I've installed ldap_sync for sync ldap groups with Redmine groups. But nothing sync when I done :

rake redmine:plugins:redmine_ldap_sync:sync_users X_DEBIAN_SITEID=test1 RAILS_ENV=production --trace
(in /usr/share/redmine)
** Invoke redmine:plugins:redmine_ldap_sync:sync_users (first_time)
** Invoke environment (first_time)
** Execute environment
** Execute redmine:plugins:redmine_ldap_sync:sync_users

What can I do for testing and solve this problem.

Thanks a lot for your help.

Guidtz