Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

LDAP search filter cannot be configured if too many OUs or filters are nested #4121

Closed
darius1706 opened this issue Feb 9, 2021 · 5 comments
Labels
bug Undesired behaviour resolved A fixed issue
Milestone

Comments

@darius1706
Copy link

Feature Request

Is your feature request related to a problem? Please describe

There is too short db column (and variable limit) for ldap filter. Currently is 128 characters in table user_domains_ldap, column search_filter. It would be better to make bigger, if we want restrict user by group, its too short.

I expanded column to 512 characters, but it could be bigger. It looks I have to change max_length of search filter in file user_domains.php to 'max_length' => '4096'

Please consider to make search filter bigger.

Thank you
Radek

@darius1706 darius1706 added the enhancement General tag for an enhancement label Feb 9, 2021
@netniV
Copy link
Member

netniV commented Feb 10, 2021

I would say this is more a bug fix than an enhancement as the short limit could prevent access to more deeply nested ou's when finding accounts etc.

@netniV netniV added bug Undesired behaviour and removed enhancement General tag for an enhancement labels Feb 10, 2021
@TheWitness TheWitness added this to the v1.2.17 milestone Feb 12, 2021
TheWitness added a commit that referenced this issue Feb 12, 2021
Too short search filter for Ldap - Cacti 1.2.2
@TheWitness TheWitness added the resolved A fixed issue label Feb 12, 2021
@anarkia1976
Copy link

anarkia1976 commented Feb 15, 2021

Hi Guys @TheWitness & @netniV ,

today i have updated cacti to the last commits, but i have a problemi with the script for update the database:
php -q cli/upgrade_database.php --forcever=1.1.38
Upgrading from v1.1.38
Upgrading from v1.1.38 (DB 1.2.16) to v1.2.0
++++++++++++++-++++++++++++++++++++++++++++Upgrading from v1.2.0 (DB 1.2.16) to v1.2.1
++Upgrading from v1.2.1 (DB 1.2.16) to v1.2.2
++Upgrading from v1.2.2 (DB 1.2.16) to v1.2.3
++++++Upgrading from v1.2.3 (DB 1.2.16) to v1.2.5
+++Upgrading from v1.2.5 (DB 1.2.16) to v1.2.7
-Upgrading from v1.2.7 (DB 1.2.16) to v1.2.8
+++++Upgrading from v1.2.8 (DB 1.2.16) to v1.2.11
+Upgrading from v1.2.11 (DB 1.2.16) to v1.2.14
+Upgrading from v1.2.14 (DB 1.2.16) to v1.2.15
+Upgrading from v1.2.15 (DB 1.2.16) to v1.2.17
++x
################################
[Fail] - DB Exec Failed!, Error 1064: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'TABE user_domains_ldap MODIFY COLUMN search_filter VARCHAR(512) NOT NULL defa...' at line 1
+------------------------------+
ALTER TABE user_domains_ldap MODIFY COLUMN search_filter VARCHAR(512) NOT NULL default ""
################################

Do you have suggestions?

The only way to fix it is to revert this commit:

commit e5f7e5a
Author: TheWitness thewitness@cacti.net
Date: Thu Feb 11 19:25:47 2021 -0500
Fixing Issue #4121
Too short search filter for Ldap - Cacti 1.2.2

thanks a lot.

@TheWitness
Copy link
Member

I recommend myself to get glasses. 😎

@TheWitness TheWitness reopened this Feb 15, 2021
TheWitness added a commit that referenced this issue Feb 15, 2021
@TheWitness
Copy link
Member

Okay, all fixed up. Just repull the 1.2.x branch and rerun.

@anarkia1976
Copy link

All is working now. thanks a lot.

@netniV netniV changed the title Too short search filter for Ldap - Cacti 1.2.2. LDAP search filter cannot be configured if too many OUs or filters are nested Apr 30, 2021
@github-actions github-actions bot locked and limited conversation to collaborators Jul 30, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Undesired behaviour resolved A fixed issue
Projects
None yet
Development

No branches or pull requests

4 participants