Bug 41812 - lo.binddn is not set when logged in via SAML
lo.binddn is not set when logged in via SAML
Product: UCS
Classification: Unclassified
Component: UMC (Generic)
UCS 4.1
Other Linux
: P5 normal (vote)
: UCS 4.2
Assigned To: Florian Best
Philipp Hahn
: interim-1
Depends on:
  Show dependency treegraph
Reported: 2016-07-18 14:35 CEST by Florian Best
Modified: 2017-04-04 18:28 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted after Product Owner Review:
Ticket number:
Bug group (optional): Cleanup
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2016-07-18 14:35:42 CEST
A instance of univention.uldap.access where authentication has been done via SAML has no binddn attribute set. This attribute is e.g. used in UCS@school to detect which schools the user belongs to.
We should move the SAML-bind()ing part from UMC to univention.uldap.access().

We could add the following methods to the access class:

bind_kerberos() (used in adconnector, etc.)
unbind() (Bug #37519)
Comment 1 Florian Best univentionstaff 2016-09-06 18:27:58 CEST
univention-directory-manager-modules (12.0.3-1):
univention-management-console (9.0.7-1):
univention-python (10.0.1-1):
r72330 | Bug #37519: make sure binddn is set when logged in via SAML
Comment 2 Philipp Hahn univentionstaff 2017-01-23 16:31:31 CET
OK: r72330
OK: SAML login
OK: No Changelog
Comment 3 Stefan Gohmann univentionstaff 2017-04-04 18:28:25 CEST
UCS 4.2 has been released:

If this error occurs again, please use "Clone This Bug".