import does not sync guid for every user

[jagDanJu]

• Laravel Version: 5.8
• Adldap2-Laravel Version: 6.0.1
• PHP Version: 7.2.12
• LDAP Type: ActiveDirectory

Description:

When updating from version 5 to 6 I followed the upgrade guide and created a new column for the GUID in the users table. Afterwards I have php artisan adldap: import --no-interaction executed to synchronize the objectguid from the AD.

For some users, the guid has been added, but several hundred have remained where the value remains at null.

Obtaining the ObjectGUID for each user works fine with PowerShell

I have no idea where to start looking for the mistake. Do you have a hint?

[stevebauman]

Hi @jagDanJu,

I haven't been able to replicate this issue. How many users are you importing at once? Also, have you added any scopes to the ldap_auth.scopes array?

The users objectguid field is set here in the Import command:

Adldap2-Laravel/src/Commands/Import.php

Lines 108 to 111 in 93d7278

	// Set the users LDAP identifier.
	$model->setAttribute(
	Resolver::getDatabaseIdColumn(), $this->getObjectGuid()
	);

[jagDanJu]

Hey @stevebauman,

Thank you für your Tip. After some debugging i found the problem in my special use case.
In my User Model i set the username (in my case the samaccountname) as upper cases.

In the Import Command on following lines the command cant find the existing user model because the ldap search returns the samaccountname in lower case:

Adldap2-Laravel/src/Commands/Import.php

Lines 88 to 96 in 93d7278

	return $query->where(
	Resolver::getDatabaseIdColumn(),
	'=',
	$this->getObjectGuid()
	)->orWhere(
	Resolver::getDatabaseUsernameColumn(),
	'=',
	$this->getUsername()
	)->first();

after i changing the code to this everything works fine.

return $query->where(
            Resolver::getDatabaseIdColumn(),
            '=',
            $this->getObjectGuid()
        )->orWhere(
            Resolver::getDatabaseUsernameColumn(),
            '=',
            $this->getUsername()
        )->orWhere(
            Resolver::getDatabaseUsernameColumn(),
            '=',
            strtoupper($this->getUsername())
        )->first();

Is there an better solution, maybe?
It would be great if it works by default, otherwise I would have to adjust the functionality after every version update ...
Does a pull request make sense?

[stevebauman]

Hey @jagDanJu, ah okay that makes sense!

This is something that has affected a couple users here, I think this definitely needs to be patched.

I'm going to add a static function to the UserResolver to have the ability to alter the query for locating users. Labeling this as a bug.

[stevebauman]

Hi @jagDanJu,

I've added the ability to use your own custom scope to locate LDAP users in your local database. A new release will be out shortly as well as some documentation. Here's how you'll use it.

Create your scope:

namespace App\Scopes;

use Illuminate\Support\Str;
use Adldap\Laravel\Commands\UserImportScope as BaseScope;

class LdapUserImportScope extends BaseScope
{
    public function getUsername()
    {
        return Str::upper($this->username);
    }
}

Inside the boot() method of your AppServiceProvider:

use App\Scopes\LdapUserImportScope;
use Adldap\Laravel\Commands\Import;

public function boot()
{
    Import::useScope(LdapUserImportScope::class);
}

[jagDanJu]

Hey @stevebauman

Works perfectly! Thank you for the quick help.

[stevebauman]

Awesome @janDanJu! Great to hear. No problem at all!