Bugfix - value truncation to fit Moodle database
- Added truncate_userinfo() to cleanup data coming from external auth
- Fixed auth_user_create() to truncate user info as appropriate
Auth_ldap_user_sync
- created external script that calls the function
- much faster update strategy on postgres and mysql: auth_sync_users now to uses bulk inserts into a temp table, and then use LEFT JOINs and plain old SELECTs to determine what users it has to insert.
- we now loop over smaller sets of data -- we are still memory-bound, but (a) it'll be easy to use LIMIT to manage that and (b) memory use is much lower now in all cases.
- postgres: phased commits in auth_user_sync() for the batch user upload phase
- Several feature and performance enhancements:
- if a value is removed from ldap, it will be cleared from moodle
- no-op updates (where the data does not change) are skipped
- if a user disappears and then reappears in LDAP in two separate calls to auth_user_sync(),the account will be marked deleted and then be revived. before, the account would have been deleted and created anew.
Multi-source ldap values:
The LDAP auth module now accepts a comma separated set of LDAP field names. When creating or updating a user record, auth/ldap will retrieve all the relevant fields. The right-most values overwrites all the others.
This is particularly useful when updating the user's email address from an LDAP source, which may contain the email address in one of several fields (traditionally: mail, mailForwardingAddress, mailAlternateAddress).
If a value is updated and is set to update external auth and this field is using this multi-source ldap configuration, the auth/ldap module will retrieve the old value, find which field it was sourced from, and update that field in LDAP. If it fails to find the original source of the value, it will log it in error_log.
Log of patchsets applied:
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-131
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-137
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-139
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-172
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-173
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-189
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-190
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-208
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-212
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-216
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-279
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-282
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-287
arch-eduforge@catalyst.net.nz--2004/moodle--eduforge--1.3.3--patch-294
Started work with bug 2007
Bug 1969 is partacaly fixed. ldap-module supports now password expiration.
Some work with bugs 761 and 1730
Changes in login/index.php
Reordered some code to make variables reusable in multiple places.
Added redirection in case of expired password
When first server(s) are down there delay before connecting secondary servers.
So you system feels slow if first server is down, but Moodle still authenticates to sedondary servers.
Other major change:
auth_ldap_bind fuction is removed.
due phps ldap_connect() limitations auth_ldap_connect() does now also ldap_bind()
to see if server is up.
