Topic on Project:Support desk

I am trying updating LDAP. Having difficulty understanding what belongs where and how... following the Description as good as i can.

Please Help.

When i run the maintenance/update.php script it says to me Found invalid JSON in file: /var/www/html/ldap.json

At the end of the Script it prints:

BadMethodCallException from line 506 of /var/www/html/mediawiki/includes/session/SessionProvider.php: MediaWiki\Session\SessionProvider::preventSessionsForUser must be implemented when canChangeUser() is false

#0 /var/www/html/mediawiki/includes/session/SessionManager.php(453): MediaWiki\Session\SessionProvider->preventSessionsForUser()

#1 /var/www/html/mediawiki/includes/user/User.php(886): MediaWiki\Session\SessionManager->preventSessionsForUser()

#2 /var/www/html/mediawiki/extensions/AbuseFilter/includes/FilterUser.php(57): MediaWiki\User\User::newSystemUser()

#3 /var/www/html/mediawiki/extensions/AbuseFilter/includes/FilterUser.php(48): MediaWiki\Extension\AbuseFilter\FilterUser->getUser()

#4 /var/www/html/mediawiki/extensions/AbuseFilter/maintenance/NormalizeThrottleParameters.php(151): MediaWiki\Extension\AbuseFilter\FilterUser->getUserIdentity()

#5 /var/www/html/mediawiki/extensions/AbuseFilter/maintenance/NormalizeThrottleParameters.php(484): MediaWiki\Extension\AbuseFilter\Maintenance\NormalizeThrottleParameters->normalizeParameters()

#6 /var/www/html/mediawiki/maintenance/includes/LoggedUpdateMaintenance.php(49): MediaWiki\Extension\AbuseFilter\Maintenance\NormalizeThrottleParameters->doDBUpdates()

#7 /var/www/html/mediawiki/maintenance/update.php(197): LoggedUpdateMaintenance->execute()

#8 /var/www/html/mediawiki/maintenance/includes/MaintenanceRunner.php(703): UpdateMediaWiki->execute()

#9 /var/www/html/mediawiki/maintenance/doMaintenance.php(100): MediaWiki\Maintenance\MaintenanceRunner->run()

#10 /var/www/html/mediawiki/maintenance/update.php(298): require_once('/var/www/html/m...')

#11 {main}

PHP Notice:  Uncommitted DB writes (transaction from MediaWiki\Extension\AbuseFilter\Maintenance\NormalizeThrottleParameters::doDBUpdates) in /var/www/html/mediawiki/includes/libs/rdbms/database/TransactionManager.php on line 586

PHP Notice:  DB transaction writes or callbacks still pending (MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider::providerChangeAuthenticationData, MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider::providerChangeAuthenticationData, MediaWiki\User\User::saveSettings, MediaWiki\User\User::saveSettings, MediaWiki\User\User::clearSharedCache) in /var/www/html/mediawiki/includes/libs/rdbms/database/Database.php on line 3344

My ldap.json:

1 {

"internet.adress": {

¦ "connection": {

¦ ¦ "server": "First-Domain-Controller",

¦ ¦ "port": "389",

¦ ¦ "user": "CN=firstUser,OU=Device-User,OU=Benutzer,Some=SomeUser,One=OneUser",

¦ ¦ "pass": "SomeChars",

¦ ¦ "enctype": "clear",

¦ ¦ "options": {

¦ ¦ ¦ "LDAP_OPT_DEREF": 1

¦ ¦ },

¦ ¦ "basedn": "Some=SomeUser, One=OneUser",

¦ ¦ "userbasedn": "OU=Benutzer,Some=SomeUser,One=OneUser",

¦ ¦ "groupbasedn": "OU=SafetyGroups,Some=SomeUser,One=OneUser",

¦ ¦ "searchattribute": "samaccountname",

¦ ¦ "usernameattribute": "samaccountname",

¦ ¦ "realnameattribute": "cn",

¦ ¦ "emailattribute": "mail",

¦ ¦ "grouprequest": "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory",

¦ ¦ "presearchusernamemodifiers": [ "spacestounderscores", "lowercase" ],

¦ ¦ "SyncMechanismRegistry": {

¦ ¦ ¦ ¦ "mappedgroups": "MediaWiki\\Extension\\LDAPGroups\\SyncMechanism\\MappedGroups::factory",

¦ ¦ ¦ ¦ ¦ "allgroups": "MediaWiki\\Extension\\LDAPGroups\\SyncMechanism\\AllGroups::factory"

¦ ¦ }

¦ },

¦ "userinfo": [],

¦ "authorization": []

}

}

For more Information just ask.

Greetings

Which exact MediaWiki version? Which exact version of which exact extension related to LDAP?

MediaWiki Version: 1.41

The Extension would be LDAPAuthentication2 Version: 1.39 and LDAPProvider Version: 1.39

Thanks for the fast reply!!!

The error message Found invalid JSON in file: /var/www/html/ldap.json indicates a syntax error in the file /var/www/html/ldap.json. Try using a tool like jsonlint or use a code editor with syntax-checker like VSCode to compose the file.

I did this with the snippet you provided above:

{
    "internet.adress": {
        "connection": {
            "server": "First-Domain-Controller",
            "port": "389",
            "user": "CN=firstUser,OU=Device-User,OU=Benutzer,Some=SomeUser,One=OneUser",
            "pass": "SomeChars",
            "enctype": "clear",
            "options": {
                "LDAP_OPT_DEREF": 1
            },
            "basedn": "Some=SomeUser, One=OneUser",
            "userbasedn": "OU=Benutzer,Some=SomeUser,One=OneUser",
            "groupbasedn": "OU=SafetyGroups,Some=SomeUser,One=OneUser",
            "searchattribute": "samaccountname",
            "usernameattribute": "samaccountname",
            "realnameattribute": "cn",
            "emailattribute": "mail",
            "grouprequest": "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory",
            "presearchusernamemodifiers": [
                "spacestounderscores",
                "lowercase"
            ],
            "SyncMechanismRegistry": {
                "mappedgroups": "MediaWiki\\Extension\\LDAPGroups\\SyncMechanism\\MappedGroups::factory",
                "allgroups": "MediaWiki\\Extension\\LDAPGroups\\SyncMechanism\\AllGroups::factory"
            }
        },
        "userinfo": [],
        "authorization": []
    }
}

Be aware that SyncMechanismRegistry is not a valid key in this config. It is a global variable configuration $LDAPGroupsSyncMechanismRegistry and I don't think you need to set it at all.

Good Morning,

i copied your snippet and fitted it for my need in extension to that i use jsonlint. And my Json file seems correct. I tried some more config variations and nothing seems to work.

Do you got another hint or direction which i can try/go?

Greetings and big Thanks

Ps: Do you need additional information?

Does it still tell you Found invalid JSON in file:...? If so, check if the webserver user can read the file.

Good Evening,

after a good day of work i finally got it workin. Many thanks for your help.

The User wasnt allowed to read, so i made him.

I had to use a bit of a modification of your config file to get it running. It is now possible to login localy, but otherwise not.

When i run the CheckLogin.php script it promptly says ‘FAILED’. When I try to login it says to me that the username or password is incorrect and i should try it again.

When i run ShowUserInfo.php with which i want to login:

cn => someuser

distinguishedname => CN=someuser,OU=Some-User,OU=User,DC=pko,DC=ac

displayname => someuser

name => someuser

samaccountname => someuser

userprincipalname => someuser@address

objectcategory => CN=Person,CN=Schema,CN=Configuration,DC=Thin,DC=Other

dn => CN=someuser,OU=Some-User,OU=Benutzer,DC=Thin,DC=Other

And i still get the Error when running maintenance/update.php script

BadMethodCallException from line 506 of /var/www/html/mediawiki/includes/session/SessionProvider.php: MediaWiki\Session\SessionProvider::preventSessionsForUser must be implemented when canChangeUser() is false

If additional information is needed i am happy to supply.

Thanks for all your much needed help!!!

In regards