Upgrade from 1.7.2 to 1.11.5 #3705
Comments
|
See the UPGRADE document. |
|
Which file should I change and when overwriting the database I get an error. |
|
You should
|
|
Thank you for the information, I will try to do it tomorrow or today. |
|
After the upgrade, users cannot log in via LDAP, even though the config remains unchanged and the rest of the files remain unchanged. |
|
I suspect you need to set the following: More recent versions of MRBS show users' display names and they need the search_dn details set in order to do so. |
|
Where exactly should I change this? Here is the code from LDAP that is already saved there: $auth["session"] = "php"; most likely the LDAP server is oracle. |
|
Yes, in the config file. Obviously you will need to uncomment the settings lines and choose suitable values. |
|
Thanks a lot |
|
Unfortunately it still doesn't work... $auth["session"] = "php"; Could it have something to do with the php version? Additionally, we do not have Windows AD, but Oracle |
|
PHP 7.2.34 should be fine. I suggest you set |
|
I think you need to set |
|
Our database is open because it is available only from the internal network, and also from specific devices. 2024-07-24_12h14_11.mp4 |
|
My mistake, it's not about the database but the LDAP server |
|
Setting $ldap_debug = true; it didn't give any results. |
|
Did you look in your PHP error log (not your Apache log)? |
|
At the moment I am waiting for the logs to be sent. Do you know the answer why LDAP login worked in version 1.7.2 and does not work in 1.11.5? |
|
No, it's not to do with PHP or Apache. It's to do with MRBS. It's because more recent versions of MRBS show users' display names and they need the search_dn details set in order to do so. |
|
One more question, what permissions should the root directory have? |
The PHP error log is normally a file called error_log in your MRBS directory. |
|
In the old version (1.7.5), name display is enabled |
But that's just the username, not the display name (eg "John Smith"). |
|
The error_log file is not created even though chmod is set to 777 |
|
Returning to the configure LDAP itself, it cannot be set to a specific user who will search for it in the database. |
|
Run the PHP program <?php
echo ini_get('error_log');to find out where your error log is. |
Why not? Can you not create a special user? |
|
I don't have access to it, at the moment I have to wait for the system administrator to send it to me. |
Since I'm not the one managing LDAP, no one will agree to it, since the server is open (no login required for searching) but only for specific computers and internal networks. |
|
Did you manage to find your PHP error log? |
|
[21-Jul-2024 18:36:37 UTC] authLdapAction: Got LDAP connection [21-Jul-2024 20:36:37 Europe/Warsaw] authLdapAction: Got LDAP connection [21-Jul-2024 20:36:37 Europe/Warsaw] authValidateUserCallback: Successful authenticated bind with no $ldap_filter [22-Jul-2024 10:42:48 Europe/Warsaw] authLdapAction: Got LDAP connection [22-Jul-2024 08:42:57 UTC] authLdapAction: Got LDAP connection [22-Jul-2024 10:42:57 Europe/Warsaw] authLdapAction: Got LDAP connection |
|
Something is wrong. auth_ldap.inc doesn't exist in MRBS 1.11.5. Are you sure this is the debug log from running the new release? |
|
I can delete this file and try to log in and see what error PHP throws. |
|
Let's wait for the moment until around August 12, when I should receive full access to the Apache and PHP logs, without waiting for the administrator to export it and give it to me. |
|
Hello, As for the auth_ldap.inc file, it is already in version 1.11.5 in the auth directory, it was not added manually |
|
The auth_ldap.inc file isn't in the 1.11.5 distribution. If it's on your server it could be because you overwrote the previous release rather than uploading to a new folder. However that shouldn't matter, but what does matter is that your previous logs were reporting output from auth_ldap.inc. If you repeat the login attempt on 1.11.5 what do the logs say now? |
|
[01-Aug-2024 09:35:46 Europe/Warsaw] [MRBS DEBUG] MRBS\Auth\AuthLdap->action(730): got LDAP connection using $host |
|
Have you got |
|
I have $ldap_user_attrib = "uid"; , change it to the one you sent? |
|
When I changed $ldap_user_attrib = "uid"; to $ldap_dn_search_attrib = "uid"; an unknown user pops up when logging in. |
|
You should keep $ldap_user_attrib = "uid";and additionally set $ldap_dn_search_attrib = "uid";
$ldap_dn_search_dn = "some user's dn"; // eg yours
$ldap_dn_search_password = "their password"; |
$auth["session"] = "php";
$auth["type"] = "ldap";
$ldap_debug = true;
$ldap_host = "$host";
$ldap_port = 389;
$ldap_base_dn[] = "ou=People,dc=ibch,dc=poznan,dc=pl,dc=world";
$ldap_base_dn[] = "ou=People,ou=PhDStudents,dc=ibch,dc=poznan,dc=pl,dc=world";
$ldap_v3 = true;
$ldap_tls = false;
$ldap_user_attrib = "uid";
$ldap_dn_search_attrib = "uid";
$ldap_dn_search_dn = "adehmel"; // A form which could work for AD LDAP
$ldap_dn_search_password = "**********************";When trying to log in: unknown user Logs: |
I don't think you can be running MRBS 1.11.5 properly. |
|
Everything from mrbs-code-main.zip/web has been moved to the server (where all old files were previously deleted). The only thing left is config.inc.php (where the LDAP settings sent above have been changed) |
|
Let me just remind you that LDAP is not MS active directory and I have also updated PHP to version 7.4 |
|
Can you post the functions.inc from your server here as an attachment please? You'll need to zip it first to keep GitHub happy, or else rename it as .txt file. Thanks. |
Yes. Let's make sure first that you are running the correct code, then we can sort out the LDAP problems. |
sure: |
|
Thanks. That looks like the correct version of functions.inc, but the |
|
Instead of $ldap_dn_search_dn = "adehmel"; // A form which could work for AD LDAPyou should use something like $ldap_dn_search_dn = "cn=Search User,ou=Users,dc=example,dc=com"; // Any compliant LDAP |
|
[01-Aug-2024 11:51:11 UTC] [MRBS DEBUG] MRBS\Auth\AuthLdap->action(730): got LDAP connection using ldap://ldap.man.poznan.pl:389 What's strange to me is that in version 1.7.4 it worked without the user being LDAP_search. |
|
What happens if you comment out the three $ldap_dn_search_* settings? |
Server details (please complete the following information):
Additional context
Hi, I would like to update MRBS from version 1.7.2 to 1.11.5, but I cannot find complete documentation on how to do it anywhere.
The text was updated successfully, but these errors were encountered: