LDAP search filter cannot be configured if too many OUs or filters are nested

[darius1706]

Feature Request

Is your feature request related to a problem? Please describe

There is too short db column (and variable limit) for ldap filter. Currently is 128 characters in table user_domains_ldap, column search_filter. It would be better to make bigger, if we want restrict user by group, its too short.

I expanded column to 512 characters, but it could be bigger. It looks I have to change max_length of search filter in file user_domains.php to 'max_length' => '4096'

Please consider to make search filter bigger.

Thank you
Radek

[netniV]

I would say this is more a bug fix than an enhancement as the short limit could prevent access to more deeply nested ou's when finding accounts etc.

[anarkia1976]

Hi Guys @TheWitness & @netniV ,

today i have updated cacti to the last commits, but i have a problemi with the script for update the database:
php -q cli/upgrade_database.php --forcever=1.1.38
Upgrading from v1.1.38
Upgrading from v1.1.38 (DB 1.2.16) to v1.2.0
++++++++++++++-++++++++++++++++++++++++++++Upgrading from v1.2.0 (DB 1.2.16) to v1.2.1
++Upgrading from v1.2.1 (DB 1.2.16) to v1.2.2
++Upgrading from v1.2.2 (DB 1.2.16) to v1.2.3
++++++Upgrading from v1.2.3 (DB 1.2.16) to v1.2.5
+++Upgrading from v1.2.5 (DB 1.2.16) to v1.2.7
-Upgrading from v1.2.7 (DB 1.2.16) to v1.2.8
+++++Upgrading from v1.2.8 (DB 1.2.16) to v1.2.11
+Upgrading from v1.2.11 (DB 1.2.16) to v1.2.14
+Upgrading from v1.2.14 (DB 1.2.16) to v1.2.15
+Upgrading from v1.2.15 (DB 1.2.16) to v1.2.17
++x
################################
[Fail] - DB Exec Failed!, Error 1064: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'TABE user_domains_ldap MODIFY COLUMN search_filter VARCHAR(512) NOT NULL defa...' at line 1
+------------------------------+
ALTER TABE user_domains_ldap MODIFY COLUMN search_filter VARCHAR(512) NOT NULL default ""
################################

Do you have suggestions?

The only way to fix it is to revert this commit:

commit e5f7e5a
Author: TheWitness thewitness@cacti.net
Date: Thu Feb 11 19:25:47 2021 -0500
Fixing Issue #4121
Too short search filter for Ldap - Cacti 1.2.2

thanks a lot.

[TheWitness]

I recommend myself to get glasses. 😎

[TheWitness]

Okay, all fixed up. Just repull the 1.2.x branch and rerun.

[anarkia1976]

All is working now. thanks a lot.