8000 Wekan uses the wrong E-mail Field from Active Directory (UCS-Windows) · Issue #8 · wekan/univention · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Wekan uses the wrong E-mail Field from Active Directory (UCS-Windows) #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
QB-maker opened this issue Dec 19, 2019 · 3 comments
Open

Wekan uses the wrong E-mail Field from Active Directory (UCS-Windows) #8

QB-maker opened this issue Dec 19, 2019 · 3 comments

Comments

@QB-maker
Copy link

We have Wekan running, the UCS version.
UCS is connected to our Windows Active Directory, so people can logon with their AD-credentials.
One problem; Wekan uses our username@company.local adres as e-mail.
In the UCS AD connector every field is ok.
I think Wekan uses the logon name as e-mail adres.
Is there a way to connect to the correct AD-field?
Kind Regards Mike
@xet7 xet7 transferred this issue from wekan/wekan Dec 20, 2019
@xet7
Copy link
Member
xet7 commented Dec 20, 2019

If you make any changes to Wekan docker-compose.yml, please make good backup of original and changed files, because I'm not sure are settings kept when upgrading Wekan.

With KDE installed, with System/Konsole:

sudo su
cd /var/lib/univention-appcenter/apps/wekan/compose
nano docker-compose.yml

Currently settings can only be added to docker-compose.yml textfile.
Descriptions of all available settings are at:
https://github.com/wekan/wekan/blob/master/docker-compose.yml

You can edit settings.

Then save and exit with: Ctrl-o Enter Ctrl-x Enter

Then stop and start Wekan in that same directory:

docker stop wekan-app
docker start wekan-app

Or alternatively, if there is no effect, reboot UCS server.

@lwillek
Copy link
lwillek commented Jan 1, 2020

+1, same issue here, but I use OpenLdap without AD connector. (with UCS AD will be synced to OpenLdap, so in the end this does not matter)

/var/lib/univention-appcenter/apps/wekan/compose/docker-compose.yml is configured to use the (imho) correct fields:

   ...
    - LDAP_USERNAME_FIELD=uid
    - LDAP_FULLNAME_FIELD=displayName
    - LDAP_EMAIL_FIELD=mailPrimaryAddress
    - LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mailPrimaryAddress":"email"}
    - LDAP_DEFAULT_DOMAIN=belug.lan
   ...

"mailPrimaryAddress" contains the correct mail address. However, seems that Wekan creates the address from "LDAP_USERNAME_FIELD"+"LDAP_DEFAULT_DOMAIN" instead using the value from LDAP_EMAIL_FIELD, which makes me think that I run into the same issue.

The log (shortened) shows the following:

[INFO] TLS connected
[INFO] Binding UserDN "cn=***removed***,dc=de"
[INFO] Searching user "lutz"
[DEBUG] searchOptions {
  "filter": "(&(wekanActivated=TRUE)(uid=lutz))",
  "scope": "sub",
  "sizeLimit": 0
}
***removed***
[INFO] Search result count 1
[INFO] Authenticating "uid=lutz,***removed***"
[INFO] Authenticated "uid=lutz,***removed***"
[DEBUG] Group list filter LDAP: "(&(objectclass=univentionGroup)(uniqueMember=uid=lutz,***removed***))"
***removed***
[DEBUG] Identifying user with: uidNumber
[INFO] Querying user
[DEBUG] userQuery {
  "services.ldap.id": "***removed***"
}
[DEBUG] userQuery {
  "username": "lutz"
}
[INFO] User does not exist, creating "lutz"
[DEBUG] Identifying user with: uidNumber
[DEBUG] Identifying user with: uidNumber
[DEBUG] New user data {
  "username": "lutz",
  "email": "lutz@belug.lan"
}

Seems Weekan does not ask the Ldap for LDAP_EMAIL_FIELD? Did I forgot something to check or configure?

@plagri
Copy link
plagri commented Jan 30, 2020

Hi Friends,
I have same problem with Wekan uses the wrong E-mail Field from Active Directory, Linux UCS Esxi VM.
I have read previous posts in this topic, but I can't understand how to change docker-compose.yml file due Wekan to use right email addresses? I have checked my docker-compose.yml file and see that LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mailPrimaryAddress":"email"}
May be I have to change some js scripts, which respond to email addresses in Wekan users?

Please help me!
Best Regards
Plamen Gribachev

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@xet7 @lwillek @QB-maker @plagri
0