Details

    • Branch Version/s:
      6.1.x, 6.0.x
    • Backported to Branch:
      Committed
    • Story Points:
      1
    • Fix Priority:
      5
    • Similar Issues:
      Show 3 results 

      Description

      1. Start LDAP server with users
      2. Startup Liferay

      CASE ONE
      3. Enable LDAP or not
      i. [LDAP required] uncheck
      ii. [Import Enabled] check or uncheck
      iii. [Export Enabled] uncheck
      iv. [Use LDAP Password Policy] check, save

      CASE TWO
      3. Enable LDAP,
      i. [LDAP required] uncheck
      ii. [Import Enabled] check or uncheck
      iii. [Export Enabled] check
      iv. [Use LDAP Password Policy] uncheck, save

      4. Add LDAP server, save
      5. As admin, add a new user and save

      Results:
      Admin sees 'Users and Organizations is temporarily unavailable' and user will not be added.
      Exceptions for CASE ONE:
      ERROR [render_portlet_jsp:154] java.lang.NullPointerException

      Exceptions for CASE TWO:
      ERROR [render_portlet_jsp:154] com.liferay.portal.ModelListenerException:

      javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090B38, comment: Error in attribute conversion operation, data 0, vece ]; remaining name 'sAMAccountName=joe,dc=exa
      mple,dc=com'

      1. CASE1.txt
        2 kB
        Tammy Fong
      2. CASE2.txt
        18 kB
        Tammy Fong
      1. noADDusers.png
        51 kB

        Issue Links

          Activity

          Hide
          Tammy Fong added a comment -

          This bug is also on 6.0.12EE.

          Show
          Tammy Fong added a comment - This bug is also on 6.0.12EE.
          Hide
          Tammy Fong added a comment -

          Case 2 is no longer an issue on 6.1.x Revision: 91402.

          Show
          Tammy Fong added a comment - Case 2 is no longer an issue on 6.1.x Revision: 91402.
          Hide
          Eric Min (Inactive) added a comment -

          Still can reproduce case 2 on trunk.

          Show
          Eric Min (Inactive) added a comment - Still can reproduce case 2 on trunk.
          Hide
          Garry X added a comment -

          Here is another case. I set system to use LDAP Password policy and call UserLocalServiceUtil.addUser with userId=0 and autoPassword=0 and no organization ids. Then in UserLocalServiceImpl following is called:

          if (autoPassword) {
          PasswordPolicy passwordPolicy =
          passwordPolicyLocalService.getPasswordPolicy(
          user.getCompanyId(), user.getOrganizationIds());

          This will return null..

          Then it calls: password = PwdToolkitUtil.generate(passwordPolicy);

          And this will cause following NullPointerException:

          java.lang.NullPointerException
          at com.liferay.portal.security.pwd.PasswordPolicyToolkit.generateDynamic(PasswordPolicyToolkit.java:164)
          at com.liferay.portal.security.pwd.PasswordPolicyToolkit.generate(PasswordPolicyToolkit.java:76)
          at com.liferay.portal.security.pwd.PwdToolkitUtil._generate(PwdToolkitUtil.java:56)
          at com.liferay.portal.security.pwd.PwdToolkitUtil.generate(PwdToolkitUtil.java:32)
          at com.liferay.portal.service.impl.UserLocalServiceImpl.completeUserRegistration(UserLocalServiceImpl.java:1442)

          Show
          Garry X added a comment - Here is another case. I set system to use LDAP Password policy and call UserLocalServiceUtil.addUser with userId=0 and autoPassword=0 and no organization ids. Then in UserLocalServiceImpl following is called: if (autoPassword) { PasswordPolicy passwordPolicy = passwordPolicyLocalService.getPasswordPolicy( user.getCompanyId(), user.getOrganizationIds()); This will return null.. Then it calls: password = PwdToolkitUtil.generate(passwordPolicy); And this will cause following NullPointerException: java.lang.NullPointerException at com.liferay.portal.security.pwd.PasswordPolicyToolkit.generateDynamic(PasswordPolicyToolkit.java:164) at com.liferay.portal.security.pwd.PasswordPolicyToolkit.generate(PasswordPolicyToolkit.java:76) at com.liferay.portal.security.pwd.PwdToolkitUtil._generate(PwdToolkitUtil.java:56) at com.liferay.portal.security.pwd.PwdToolkitUtil.generate(PwdToolkitUtil.java:32) at com.liferay.portal.service.impl.UserLocalServiceImpl.completeUserRegistration(UserLocalServiceImpl.java:1442)
          Hide
          Tammy Fong added a comment -

          Reproduced on:
          Tomcat 7.0 + MySQL 5. Portal 6.1.x EE GIT ID: e52a1750d0d246d1d7862ab3de9ee3d49b07e70a.
          Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: 228bcefc4e621f15b8999134ca552897c128524d.

          Admin sees 'Users and Organizations is temporarily unavailable' and user will not be added.

          Show
          Tammy Fong added a comment - Reproduced on: Tomcat 7.0 + MySQL 5. Portal 6.1.x EE GIT ID: e52a1750d0d246d1d7862ab3de9ee3d49b07e70a. Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: 228bcefc4e621f15b8999134ca552897c128524d. Admin sees 'Users and Organizations is temporarily unavailable' and user will not be added.
          Hide
          Tomas Polesovsky added a comment -
          • CASE ONE is fixed in the pull.
          • CASE TWO is caused by improper configuration when exporting users to Active Directory. It's important to change Export -> Users DN section in LDAP configuration screen.

          Active Directory doesn't know base DN: dc=example,dc=com and creating user sAMAccountName=joe,dc=example,dc=com ends with the error described in CASE2.txt. Correct value for Users DN section should be similar to cn=Users,dc=my,dc=existing-domain,dc=com where dc=my,dc=existing-domain,dc=com is the base DN of the Active Directory Server.

          Show
          Tomas Polesovsky added a comment - CASE ONE is fixed in the pull. CASE TWO is caused by improper configuration when exporting users to Active Directory. It's important to change Export -> Users DN section in LDAP configuration screen. Active Directory doesn't know base DN: dc=example,dc=com and creating user sAMAccountName=joe,dc=example,dc=com ends with the error described in CASE2.txt. Correct value for Users DN section should be similar to cn=Users,dc=my,dc=existing-domain,dc=com where dc=my,dc=existing-domain,dc=com is the base DN of the Active Directory Server.
          Hide
          Michael Saechang added a comment -

          Committed on:
          Portal 6.2.x GIT ID: 735f923f1dffb675d769448aec6c465c458def27.

          Show
          Michael Saechang added a comment - Committed on: Portal 6.2.x GIT ID: 735f923f1dffb675d769448aec6c465c458def27.
          Hide
          Tammy Fong added a comment -

          PASSED Manual Testing following the steps in the description.

          Fixed on:
          Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: b9c744b090650f554a2ef1d44f3aca50ea55a934.

          Users can be created successfully after LDAP import is enabled in CASE 1 and CASE 2.

          Show
          Tammy Fong added a comment - PASSED Manual Testing following the steps in the description. Fixed on: Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: b9c744b090650f554a2ef1d44f3aca50ea55a934. Users can be created successfully after LDAP import is enabled in CASE 1 and CASE 2.
          Hide
          Hong Zhao added a comment -

          No longer support 6.0.x EE, close as fixed.

          Show
          Hong Zhao added a comment - No longer support 6.0.x EE, close as fixed.

            People

            • Votes:
              6 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                7 weeks, 2 days ago

                Development

                  Structure Helper Panel