New stable authad plugin is broken

[urusha]

After updating to 2016-06-26 "Elenor of Tsort" I have such errors in the log:

PHP Fatal error: Call to protected method adLDAPUtils::ldapSlashes() from context 'adLDAPGroups' in lib/plugins/authad/adLDAP/classes/adLDAPGroups.php on line 423

A workaround attached
patch.txt

[themysteq]

Same error here. Used autoupdate feature.

php-fpm -v
PHP 5.6.22 (fpm-fcgi) (built: May 26 2016 15:37:05)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies

patch worked for me. Thanks very much for fast fix :)

[barrydegraaff]

Yes, I have this problem too, after upgrading to 2016-06-26 "Elenor of Tsort", I can no longer log on and recieve a password/username is incorrect message when trying to log-on.

I have been using this configuration with admin upgrade module for a few years, and havent had this problem before.

Did something change in the Auth Ad??

[barrydegraaff]

Also the suggested patch above does not work for me, also I use AD groups, so that may have to do with it as well. Putting an older version of AuthAD back, also does not work.

[Klap-in]

public to protected was by this PR: #1552
I think I copied too much from a new version.

[bug]

I'll roll out a hotfix with that fix included.
@splitbrain can you merge it?

Thank you all

[bug]

Closing as the fix is in.

[splitbrain]

@bug yeah. there's another report regarding problems with AD I want to have a look at tonight or tomorrow. I'll let you know when we're good to hotfix release.

[barrydegraaff]

I looked into why my config did no longer work after upgrading, and apparently removing the $conf['plugin']['authad'] from the config file local.php and re-add them using the configuration manager works.

We used to have stuff like:
$conf['plugin']['authad']['debug'] = '1';
and that is now saved as:
$conf['plugin']['authad']['debug'] = 1;

Also for some reason I have troubles logging on with the bind user, but only some times, since I don't really need it (I think, I just removed it from the config)
$conf['plugin']['authad']['admin_username'] ....

Then the patch above works for me.

[zeroluck]

I just updated today and it broke my working config. This instance was set up about 3 years ago and the configuration I had survived all the updates since then until Elenor of Tsort. To resolve I went back through the authad plugin documentation and reconfigured the parameters in local.protected.php from scratch. I'm not sure what I changed but it works now.

[Klap-in]

I guess that this could be due to remove of support for the old format of config for the auth plugins...
But without more clue about what is now different in your config, this is just a guess...
(do you have at the bottom of your Configuration Manager some not normal defined config options?)

[zeroluck]

old local.protected.php:

<?php
  // general DokuWiki options
  $conf['useacl']            = 1;
  $conf['disableactions']    = 'register,resendpwd';
  $conf['authtype']            = 'authad';

  // configure your Active Directory data here
  $conf['auth']['ad']['account_suffix']        = '@ad.domain.name';
  $conf['auth']['ad']['base_dn']            = 'DC=ad,DC=domain,DC=name';
  $conf['auth']['ad']['domain_controllers']    = 'dc.domain.name';

  // Enable SSO
  $conf['auth']['ad']['sso']                = 1;
  $conf['auth']['ad']['ad_username']        = 'wikibind';
//user account with permission to perform AD lookups
  $conf['auth']['ad']['ad_password']        = 'password';

  $conf['auth']['ad']['real_primarygroup']    = 1;
  $conf['auth']['ad']['use_ssl']            = 1;
  $conf['auth']['ad']['use_tls']            = 1;

  $conf['auth']['ad']['recursive_groups']    = 1;
  $conf['auth']['ad']['additional']            = 'department,office'; // additional attributes to fetch

  $conf['auth']['ad']['groupfilter']        = '(&(cn=*)(Member=%{dn})(objectClass=group))'; # find groups for current user(dn)

  // Admin
  $conf['manager']                            = '@it_group_all';
  $conf['superuser']                         = '@domain_admins,@wiki_admins,admin';

  // Debug
  $conf['auth']['ad']['debug']                = 1;
  $conf['auth']['ad']['userinfo_debug']        = 1;

New local.protected.php

<?php
  // general DokuWiki options
  $conf['useacl']         = 1;
  $conf['authtype']       = 'authad';

  // configure your Active Directory data here
  $conf['plugin']['authad']['account_suffix']     = '@ad.domain.name';
  $conf['plugin']['authad']['base_dn']            = 'DC=ad,DC=domain,DC=name';
  $conf['plugin']['authad']['domain_controllers'] = 'dc.domain.name'; //multiple can be given

  $conf['plugin']['authad']['admin_username']        = 'wikibind';
  $conf['plugin']['authad']['admin_password']        = 'password';
  $conf['plugin']['authad']['sso']                = 1;
  $conf['plugin']['authad']['real_primarygroup']  = 1;
  $conf['plugin']['authad']['use_tls']            = 1; // Only one of them.
  $conf['plugin']['authad']['debug']              = 1;
  $conf['plugin']['authad']['recursive_groups']   = 1; // If number of groups in AD is large switching to 0 will improve performance, but indirect membership will not work
  $conf['plugin']['authad']['additional']         = 'department,office'; // additional attributes to fetch
  // warn user about expiring password this many days in advance (in version 2012-03-10 and higher):

  $conf['manager']                            = '@it_group_all';
  $conf['superuser']                         = '@domain_admins,@wiki_admins,admin';