Using Gallery3's LDAP module with OpenLDAP

jstarek

Posted: Sun, 2012-01-08 20:41

I have some issues using Gallery3's LDAP module. I am trying to authenticate against a local OpenLDAP directory with Unix-style POSIX accounts in it.

The error message in the log is:

Quote:
2012-01-08 20:29:23 +00:00 --- error: load_user Exception: @todo NO_USER_LIBRARY_CONFIGURATION_FOR: ldap
#0 /srv/www/htdocs/gallery3/modules/gallery/libraries/IdentityProvider.php(43): IdentityProvider_Core->__construct()
#1 /srv/www/htdocs/gallery3/modules/gallery/helpers/identity.php(60): IdentityProvider_Core::instance()
#2 /srv/www/htdocs/gallery3/modules/gallery/helpers/gallery_event.php(26): identity_Core::load_user()
#3 /srv/www/htdocs/gallery3/modules/gallery/helpers/module.php(375): gallery_event_Core::gallery_ready()
#4 /srv/www/htdocs/gallery3/modules/gallery/helpers/gallery.php(96): module_Core::event('gallery_ready')
#5 [internal function]: gallery_Core::ready(Array)
#6 /srv/www/htdocs/gallery3/system/core/Event.php(208): call_user_func_array(Array, Array)
#7 /srv/www/htdocs/gallery3/application/Bootstrap.php(58): Event_Core::run('system.ready')
#8 /srv/www/htdocs/gallery3/index.php(102): require('/srv/www/htdocs...')
#9 {main}

Unfortunately, I can't fix the resulting "Dang... something went wrong" error by deleting the module directory, as the documentation states -- obviously, the identity provider has no fallback.

So, in order to get this to run, I'd like to know how to set up this module. The file config/identity.php sets the relevant variables, and just to make sure I understand it correctly, here's how I interpret it and the questions I have about the values:

  • driver -- Unsure about that. The comment "User backend driver. Gallery comes with Gallery user driver." is not quite clear to me. Left at default.
  • allow_updates -- I suppose this controls whether new Gallery users should show up in the LDAP database.
  • groups -- Gallery internal or POSIX groups? I guess internal. The default, though, does not match the pre-created groups in Gallery.
  • url -- There's no documentation of what is valid here. Usually, for an OpenLDAP server, this should be ldap://myserver.tld/
  • bind_rdn and bind_password -- what do I need to enter here for an anonymous bind?

But I suppose I interpreted something wrong here, otherwise my installation wouldn't be broken :-) So, I'd be very grateful for any hints!