group_bind=true

[nlp@…]

When I sets group_bind = true, Trac returns an error:

---

Traceback (most recent call last):

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/api.py", line 367, in send_error

'text/html')

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/chrome.py", line 708, in render_template

data = self.populate_data(req, data)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/chrome.py", line 618, in populate_data

dchrome?.update(req.chrome)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/api.py", line 194, in getattr

value = self.callbacks[name](self)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/chrome.py", line 476, in prepare_request

for category, name, text in contributor.get_navigation_items(req):

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/ticket/web_ui.py", line 163, in get_navigation_items

if 'TICKET_CREATE' in req.perm:

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 524, in has_permission

return self._has_permission(action, resource)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 538, in _has_permission

check_permission(action, perm.username, resource, perm)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 425, in check_permission

perm)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 282, in check_permission

get_user_permissions(username)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 357, in get_user_permissions

for perm in self.store.get_user_permissions(username):

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 170, in get_user_permissions

subjects.update(provider.get_permission_groups(username))

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 108, in get_permission_groups

ldapgroups = self._get_user_groups(username)

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 149, in _get_user_groups

ldap_groups = self._ldap.get_groups()

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 541, in get_groups

groups = self.get_dn(self.basedn, 'objectclass=' + self.groupname)

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 564, in get_dn

sr = self._search(basedn, filterstr, dn?, ldap.SCOPE_SUBTREE)

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 647, in _search

self._open()

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 632, in _open

self._ds.simple_bind_s(self.bind_user, self.bind_passwd)

File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line 197, in simple_bind_s

msgid = self.simple_bind(who,cred,serverctrls,clientctrls)

File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line 191, in simple_bind

return self._ldap_call(self._l.simple_bind,who,cred,EncodeControlTuples(serverctrls),EncodeControlTuples(clientctrls))

File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line 96, in _ldap_call

result = func(*args,kwargs)

TypeError: argument 2 must be string or read-only buffer, not None

[rverchere@gmail.com]

You may enter a password for your bind user.
See LdapPlugin#AuthenticatedLDAPconnections

[ldap]
group_bind = true
bind_user = user
bind_passwd = passwd

Here is also a patch to warn user when using bind with bind_user only (missing bind_passwd):

ldapplugin/api.py

@@ -637 +637 @@
                                        (protocol, self.host, self.port))
             self._ds.protocol_version = ldap.VERSION3
             if self.bind:
-                if not self.bind_user:
+                if not self.bind_user or not self.bind_passwd:
                     raise TracError("Bind enabled but credentials not defined")
                 head = self.bind_user[:self.bind_user.find(',')]
                 if ( head.find('=') == -1 ):