vcl-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Thompson <josh_thomp...@ncsu.edu>
Subject Re: Unable to add new users to new group
Date Wed, 22 Aug 2012 12:32:18 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Arbin,

Aaron gave some good info.  However, it would be useful to know more
specifically what problem you are having.  Explaining the exact steps
you are doing and what you would expect to happen after performing
those steps really helps others give you useful information.

Josh

On 08/21/12 16:25, Aaron Coburn wrote:
> Arbin, I assume you are adding users who have not previously
> logged in to the VCL.
> 
> if you are using version 2.3, this is easy. You should simply make 
> sure you have this line in .ht-inc/conf.php:
> 
> define("ALLOWADDSHIBUSERS", 1);
> 
> if you are using version 2.2.1, it is still possible, but much
> more complicated. You will need to define a function in the
> $affilValFunc array. All of this configuration happens in the
> conf.php file.
> 
> Something like this:
> 
> $affilValFunc[$affiliationid] = create_function('', 'return 1;');
> 
> you will also need to define a function for the $addUserFunc and 
> $addUserFuncArgs arrays. The function should be something like the 
> existing addShibUser() function, but it needs to have this 
> signature:
> 
> int myAddShibUserFunc(int affiliationid, string username);
> 
> This function should take an affiliation ID and a username (the 
> username will be the part of an EPPN before the @ sign) and add
> that user directly to the database. Use addShibUser() as a
> template, just ignoring the values for email, first and last name.
> The function should return NULL on error.
> 
> That is to say:
> 
> function myAddShibUserFunc($affilid, $username){ // SQL query
> adding user to the database if($success){ return $new_user_id; }
> else { return NULL; } }
> 
> $addUserFuncArgs[$affiliationid] = 'myAddShibUserFunc';
> 
> Also, the $addUserFuncArgs array should be defined like this:
> 
> $addUserFuncArgs[$affiliationid] = $affiliationid;
> 
> I should also note that the affiliationID value used in these 
> definitions should be the positive integer found in the database,
> not the "0" value used in $authMechs.
> 
> That said, this is all much less error-prone if done with version 
> 2.3.
> 
> Alternately, if you are using 2.2.1, you can simply inform users
> that they must first login before they are added to groups (if you
> want manual control over such things), or you can modify 
> shibauth/index.php to automatically add all users to particular 
> groups, possibly based on shibboleth attributes. For that, you
> would need a line such as:
> 
> updateGroups(array(getUserGroupID('My Group Name', $affilid)), 
> $usernid);
> 
> in shibauth/index.php
> 
> Hope that helps.
> 
> Aaron
> 
> 
> 
> -- Aaron Coburn Systems Administrator and Programmer Academic 
> Technology Services, Amherst College 
> acoburn@amherst.edu<mailto:acoburn@amherst.edu>
> 
> 
> 
> 
> 
> 
> On Aug 21, 2012, at 3:48 PM, Sanders, Arbin D wrote:
> 
> Hello all,
> 
> I am having an issue adding new user to a newly created VCL group.
> In the past, we were connected via LDAP but as of now, we are
> using Shibboleth to authenticate our users. Would this affect
> anything?
> 
> Arbin Darren Sanders
> 
> Information Technology Manager – Academic Support Services 
> Information Technology Services North Carolina Central University
> 712 Cecil Street Suite 3014 Durham, NC 27707 919.530.6307
> 919.530.5097 (Fax)
> 
> 
> CONFIDENTIALITY: This email (including any attachments) may
> contain confidential, proprietary and privileged information, and 
> unauthorized disclosure or use is prohibited. If you received this 
> email in error, please notify the sender and delete this e-mail
> from your system.
> 
> 
> ______________________________________________________________________
>
>
> 
This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com 
> ______________________________________________________________________
>
>
> 
> 

- -- 
- -------------------------------
Josh Thompson
VCL Developer
North Carolina State University

my GPG/PGP key can be found at pgp.mit.edu

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlA00VIACgkQV/LQcNdtPQOl3wCdFcMgpafdXCOc+pXkLEMaunmg
pk4An2qV3Ma7zUlf7ywPhYXroLhid7Mf
=PylO
-----END PGP SIGNATURE-----

Mime
View raw message