Dokuwiki & rh-php71-php-fpm need testers

(Stéphane de Labrusse) #1

dokuwiki 20180422 needs now php56 at least, I project to use php71 with nethserver-rh-php71-php-fpm…please test and report the upgrade.

yum install http://mirror.de-labrusse.fr/NethDev/nethserver-dokuwiki/dokuwiki-20180422-2.ns7.sdl.noarch.rpm http://mirror.de-labrusse.fr/NethDev/nethserver-dokuwiki/nethserver-dokuwiki-1.2.0-1.ns7.sdl.noarch.rpm

(Markus Neuberger) #2

I tested a fresh install on a VM and an update on a production server and it worked like a charm except of AD login.

I suspect certificate problems and I found following entry in ssl_error_log, it occurs on signal-event nethserver-dokuwiki-update:

[Tue May 01 22:14:20.768654 2018] [ssl:warn] [pid 11605] AH01909: RSA certificate configured for server2.cmb.local:443 does NOT include an ID which matches the server name

I don’t know how to debug dokuwiki ldap, I tried allowdebug but I didn’t find something relevant.

Working perfectly:

  • Fresh install
  • Update - no cache problems, logged in user kept logged in, no update message anymore
  • internal/ldap user logins even after some switching
(Stéphane de Labrusse) #3

this should not be relevant to dokuwiki I think, it could come from your ssl settings.

I will test it again and report back, thank a lot for your work markus

(Stéphane de Labrusse) #4

You are right the samba AD is broken, but not relevant to the php71 and dokuwiki upgrade

(Stéphane de Labrusse) #5

funny bug if I use

<?php
/*
# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
# 
*/

$conf['authtype'] = 'authad';
$conf['plugin']['authad']['account_suffix']     = '@de-labrusse.fr';
$conf['plugin']['authad']['base_dn']            = 'dc=ad,dc=de-labrusse,dc=fr';
$conf['plugin']['authad']['domain_controllers'] = 'ldaps://ad.de-labrusse.fr'; //multiple can be given
$conf['plugin']['authad']['admin_username']        = 'ldapservice';
$conf['plugin']['authad']['admin_password']        = 'h16wu7gXegOaHu2g';


$conf['useacl'] = 1;



?>

it doesn’t work

but if I use

$conf['plugin']['authad']['admin_username']        = 'admin';
$conf['plugin']['authad']['admin_password']        = 'PASSWORD';

it is workable

@davidep do you have a hint ?

(Davide Principi) #6

I bet the ldapservice account wants a different suffix: @ad.de-labrousse.fr!

Look at the LDAP attribute userPrincipalName for confirmation.

(Stéphane de Labrusse) #7

Tk davidep, solved

With your code change ldapservice is just a simple user and I used it as an admin.

The solution is to remove the admin login and password field and use a self user bind to authenticate.

(Stéphane de Labrusse) #8

released for ns7