1 Aug
2008
1 Aug
'08
6:22 p.m.
On Aug 1, 2008, at 6:17 PM, Thomas Mortagne wrote:
[snip]
I found what is the problem: It's not your
configuration, by default
XWiki store the DN in the user's profile (with the "ldap_dn=dn" in
xwiki.authentication.ldap.fields_mapping property) to speed up the DN
search. The problem is that it will always use the first DN used for a
user even the user moved in LDAP server.
So what you can do to fix it:
- for existing users in XWiki: edit the user's profile page using
object editor and change the value of the property ldap_dn (LDAP DN).
Set the new DN or just blank it to let XWiki update it.
- if you plan to move LDAP users regularely: remove the "ldap_dn=dn"
from xwiki.authentication.ldap.fields_mapping property to avoid LDAP
user DN storage.
This looks like an important XWiki limitation isn't it?
I guess moving users in LDAP is a pretty common thing and we should
probably not request admins to edit related XWiki users objects. That
doesn't sound right.
WDYT?
Thanks
-Vincent