Online demo
Download
Contact

Because information matters

  • principal.ldap.mail.search.filter

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
It is currently Thu Jun 19, 2025 8:04 am

principal.ldap.mail.search.filter

OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 Reply

principal.ldap.mail.search.filter

 #10148  by Catscratch
 
Hi,

I got a problem with the
Code: Select all
principal.ldap.mail.search.filter=(&(objectClass=person)(sAMAccountName={0}))
in the openKM.cfg.

At runtime no substitution of {0} is done.
In the file LdapPrincipalAdapter.java in the method ldapSearch at line 200 there is:
Code: Select all
NamingEnumeration<SearchResult> results = ctx.search(searchBase, searchFilter, searchCtls);
The searchFilter there is the same as in the openkm.cfg. Including {0} instead of the real sAMAccountName.
So openKM never finds an email address.

I used a ldap explorer to verify the parameters and if there would be the right sAMAccountName an user would be returned.

I'm using OpenKM 5.0.1.
Is there a way to fix this?

Thanks.

Re: principal.ldap.mail.search.filter

 #10149  by Catscratch
 
Hi,

I fixed it. It's an error/bug/missing feature in LdapPrincipalAdapter.java.

There in line 111.

The old version is:
Code: Select all
List<String> ldap = ldapSearch(
	Config.PRINCIPAL_LDAP_SERVER,
	Config.PRINCIPAL_LDAP_SECURITY_PRINCIPAL,
	Config.PRINCIPAL_LDAP_SECURITY_CREDENTIALS,
	MessageFormat.format(Config.PRINCIPAL_LDAP_MAIL_SEARCH_BASE, user), 
	Config.PRINCIPAL_LDAP_MAIL_SEARCH_FILTER, 
	Config.PRINCIPAL_LDAP_MAIL_ATTRIBUTE);
But it should be (new version from me):
Code: Select all
List<String> ldap = ldapSearch(
	Config.PRINCIPAL_LDAP_SERVER,
	Config.PRINCIPAL_LDAP_SECURITY_PRINCIPAL,
	Config.PRINCIPAL_LDAP_SECURITY_CREDENTIALS,
	MessageFormat.format(Config.PRINCIPAL_LDAP_MAIL_SEARCH_BASE, user), 
	MessageFormat.format(Config.PRINCIPAL_LDAP_MAIL_SEARCH_FILTER, user),
	Config.PRINCIPAL_LDAP_MAIL_ATTRIBUTE);
With this change the mail service is also possible with complex ldap structures separated in several sub groups.
May you check-in this fix to the source code please?

Thank you and best regards.

Re: principal.ldap.mail.search.filter

 #10452  by mario
 
Hi,

I have a similar problem,...

I want to authenticate our users via the "sAMAccountName" attribute
Login works with out problems.
Code: Select all
<module-option name="baseFilter">(sAMAccountName={0})</module-option>
And i also want to use the "sAMAccountName" for the mail search filter.

My OpenKM.cfg mail part look like...
Code: Select all
principal.ldap.mail.search.base=OU=xxxx,OU=yyyyyy,OU=yxxyyx,.....
principal.ldap.mail.search.filter=(&(objectClass=person)(sAMAccountName={0}))
principal.ldap.mail.attribute=mail
But with this config. I'm not able to get any mail addresses.

If i change the config. to, for example to
Code: Select all
principal.ldap.mail.search.base=OU=xxxx,OU=yyyyyy,OU=yxxyyx,.....
principal.ldap.mail.search.filter=(&(objectClass=person)(sAMAccountName=mario))
principal.ldap.mail.attribute=mail
.... I get a mail address?

I'm using OpenKM 5.0.4.

I have also tested my search path stuff with a ldap client with success.
Is there something i'm missing?

Any help would be appreciated :-)

thanks

Mario

Re: principal.ldap.mail.search.filter

 #10471  by mario
 
Hi Catscratch ,

I have re checked my OpenKM Version (just to be sure :-) ).
OpenK'M says Version 5.0.4 (Build 5691).

In the repo. there are also your changes in (LdapPrincipalAdapter.java.) rev 5691 @ line 117 ?

Just for testing I changed the search base to:
Code: Select all
principal.ldap.mail.search.base=CN={0},OU=xxxx,OU=yyyyyy,OU=yxxyyx,.....
principal.ldap.mail.search.filter=(&(objectClass=person)(sAMAccountName={0}))
principal.ldap.mail.attribute=mail
As expected i got a InvalidNameException with :
Code: Select all
.....
CN=mario,OU=xxxx,OU=yyyyyy,...
.....
funny stuff :-)

Mario
 Reply
 Return to “Configuration”

Favorites

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.

Powered By phpBB -
 ©OpenKM 2021
 - All times are UTC -