User access groups ldap filters cut off at 64chars

Post Reply
MichaelKnudsernIW
Posts: 2
Joined: 20 Nov 2018, 14:33
Name: Michael Knudsen
Location: Odense
Company Name: Infowise
Contact:
Contact MichaelKnudsernIW

User access groups ldap filters cut off at 64chars

Post by MichaelKnudsernIW »

We have a very deep OU structure in our AD, so our ldap filters for user access groups easily ends up being 100+ chars, but are cutoff.
As far as i can tell this is due to the varchar(64) data type on the ldap_filter collum, in the app_access_groups table.


For now we are working around the limit, by placing the groups we filter on i a temp ou at the root of our AD tree, but this is not sustanible long term.
Rukoviditel.PNG
Top
User avatar
support
Site Admin
Posts: 6215
Joined: 19 Oct 2014, 18:22
Name: Sergey Kharchishin
Location: Russia, Evpatoriya

Re: User access groups ldap filters cut off at 64chars

Post by support »

Which length do you need 255 is enough or do you need text field type?
Top
MichaelKnudsernIW
Posts: 2
Joined: 20 Nov 2018, 14:33
Name: Michael Knudsen
Location: Odense
Company Name: Infowise
Contact:
Contact MichaelKnudsernIW

Re: User access groups ldap filters cut off at 64chars

Post by MichaelKnudsernIW »

255 would be fine for us as we lay around 100-110 in length.

However i do not know the max length of a LDAP dn in AD, but it is surly a lot longer, so maybe also give a warning that the dn was truncated when someone enters a dn longer that 255.
Top
User avatar
support
Site Admin
Posts: 6215
Joined: 19 Oct 2014, 18:22
Name: Sergey Kharchishin
Location: Russia, Evpatoriya

Re: User access groups ldap filters cut off at 64chars

Post by support »

I have updated this field to TEXT in 2.4.
You can run next query in phpmyadmin if you did not update this field yet

Code: Select all

ALTER TABLE `app_access_groups` CHANGE `ldap_filter` `ldap_filter` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;
Top
Post Reply

Return to “Bug Report version 2.3”