By: Sergio Plasencia user 24 Nov 2015 at 4:57 a.m. CST

7 Responses
Sergio Plasencia gravatar
I would like to reopen the ticket: "Admin group membership lookup against backend ldap" I just tested with the new version "gluu-server 2.3.5-3" and the behavior is exactly the same.

By Mohib Zico staff 24 Nov 2015 at 7:08 a.m. CST

Mohib Zico gravatar
Two points: 1. Our new / latest version is: 2.4 2. I still think you are missing something because we already shipped 2.4 to few of our customers and it worked perfectly alright.

By Sergio Plasencia user 24 Nov 2015 at 7:53 a.m. CST

Sergio Plasencia gravatar
I just realize that there are two debian pacakges available in the gluu repository: gluu-server and gluu-server24 I will deploy the gluu-server24 one and try. Thanks!!

By Aliaksandr Samuseu staff 24 Nov 2015 at 10:34 a.m. CST

Aliaksandr Samuseu gravatar
Yes, it's very likely that latest 2.3.x packages will contain this bug (I believe 2.3.6 package or so is currently being prepared for release, where this problem will be fixed). But switching to 2.4.x branch is the wisest choice possible as it delivers a great amount of enhancements and will become the default Gluu package from now on.

By Sergio Plasencia user 25 Nov 2015 at 7:52 a.m. CST

Sergio Plasencia gravatar
I'm deploying 2.4 version to check if the problem is solved but I can't make cache refresh working properly. I see the following error: Skipping target entries update. Destination server shema doesn't has next attributes: '[uid,sn,cn]' I ran into the same problem with 2.3 version and it happened because I was not using "," to separate the attributes. But now should be ok and it does not work. I'm using very common attributes that should exist on the destination server.

By Mohib Zico staff 25 Nov 2015 at 8:10 a.m. CST

Mohib Zico gravatar
I am not sure if you are using oxTrust ( GUI of Gluu Server ) for cache refresh, most probably not because still you are not configuring it properly. :-) >> Skipping target entries update. Destination server shema doesn't has next attributes: '[uid,sn,cn]' There should be a space after every comma. If you still interested to configure oxTrustCacheRefresh configuration file from cmd, here is how a proper setup looks like, here I am calling these seven attributes from backend ldap.conf.source.attrs=uid, sn, cn, userPrincipalName, description, mail, givenName

By Sergio Plasencia user 25 Nov 2015 at 11:25 a.m. CST

Sergio Plasencia gravatar
You are right, now it works. I also changed the authentication to our external LDAP and it is working now as well!! Thanks!

By William Lowe user 25 Nov 2015 at 11:28 a.m. CST

William Lowe gravatar
Awesome!! Closing out this ticket then. Thanks, Sergio.