Error Action Include : Reading of the included page AdminSys_Links not allowed.

apache sites www.conf DocumentRoot /srv/drupal/web

install within /srv/drupal

upgrade from command line

Il s'agit ici de mettre à jour drupal ...
cd /srv/drupal
/srv/drupal$ sudo -u www-data ./composer.phar update


module LDAP


Il semble y avoir deux modules ldap installés avec des versions différentes :

h24:/srv/drupal$ find . -name "DrupalUserProcessor .php"
./web/modules/contrib/ldap/ldap_user/src/Processor/DrupalUserProcessor .php
./web/modules/ldap/ldap_user/src/Processor/DrupalUserProcessor .php

modules dans .. ou contrib ?

https://www.drupal.org/forum/support/post-installation/2020-04-12/how-can-i-move-modules-from-modules-to-modulescontrib

notifications Orphaned LDAP Users


Un mail 'Linux Azur Orphaned LDAP Users' est parfois émis par webmaster et il semble relié à drupal.
Le premier mail reçu date de 30/12/2019 à 00:05

The following /1/ Drupal users no longer have corresponding LDAP entries.
They probably have been removed from the directory and might need to be
removed from your site.


Username,Mail,Link
()

Ce mail provient de la configuration de Drupal : https://www.linux-azur.org/admin/config/people/ldap/user

Orphaned account cron job
Action to perform on Drupal accounts that no longer have corresponding LDAP entries

(o) Perform no action, but email list of orphaned accounts. (All the other options will send email summaries also.)

La vérification a lieu toutes les semaines.

> ceci semble être connu et est en rapport avec le fait de changer de serveur ldap : https://www.drupal.org/project/ldap/issues/2101313


Un fois connecté sur drupal via https://www.linux-azur.org/user/

il y a cet avertissement :

Warning: count(): Parameter must be an array or an object that implements Countable in Drupal\ldap_user\Processor\DrupalUserProcessor ->isUserLdapAssociated() (line 637 of modules/contrib/ldap/ldap_user/src/Processor/DrupalUserProcessor .php).




Une mise à jour de sécurité est disponible pour votre version de Drupal. Afin de garantir la sécurité de votre serveur, effectuez immédiatement la mise à jour ! Consulter la page des mises à jour disponibles pour plus d'informations et pour installer vos mises à jour manquantes.




LDAP Orphaned : en rapport avec le module ldap :

/srv/drupal$ find -type f | xargs grep Orphaned
./web/core/modules/migrate_drupal/tests/fixtures/drupal7.php: 'name' => 'TriggerOrphanedActionsTestCase ',
./web/modules/contrib/ldap/ldap_servers/src/OrphanProcessor .php: $this->sendOrphanedAccountsMail();
./web/modules/contrib/ldap/ldap_servers/src/OrphanProcessor .php: public function sendOrphanedAccountsMail() {
./web/modules/contrib/ldap/ldap_user/ldap_user.module: $message['subject'] = \Drupal::config('system.site')->get('name') . ' ' . t('Orphaned LDAP Users');
./web/modules/contrib/ldap/ldap_user/src/Form/LdapUserAdminForm .php: '#title' => 'Orphaned account cron job',
./web/modules/contrib/ldap/ldap_user/config/schema/ldap_user.schema.yml: label: 'Orphaned account checking interval'
./web/modules/ldap/ldap_user/ldap_user.module: $message['subject'] = \Drupal::config('system.site')->get('name') . ' ' . t('Orphaned LDAP Users');
./web/modules/ldap/ldap_user/src/Processor/OrphanProcessor .php: $this->processOrphanedAccounts($queriedUsers);
./web/modules/ldap/ldap_user/src/Processor/OrphanProcessor .php: $this->sendOrphanedAccountsMail();
./web/modules/ldap/ldap_user/src/Processor/OrphanProcessor .php: public function sendOrphanedAccountsMail() {
./web/modules/ldap/ldap_user/src/Processor/OrphanProcessor .php: private function processOrphanedAccounts(array $users) {
./web/modules/ldap/ldap_user/config/schema/ldap_user.schema.yml: label: 'Orphaned account checking interval'


Serait-ce un problème de configuraiton ? :



The following /1/ Drupal users no longer have corresponding LDAP entries.
They probably have been removed from the directory and might need to be
removed from your site.


Username,Mail,Link
rmages,rmages@linux-azur.org,https://www.linux-azur.org/user/36/edit


Dans la config ( LinuxAzur en db )

Expression for user DN. Required when "Bind with Users Credentials" method selected.

cn=%username,%basedn

> or pour rené cn=René MAGES , peut être uid serait t'il la solution ?



Selection du serveur ldap dans drup : https://www.linux-azur.org/admin/config/people/ldap/server
LinuxAzur Service account bind cn=drupal,ou=apps,dc=linux-azur,dc=org Yes ldap://localhost 389 Server available

ldap queries :
https://www.linux-azur.org/admin/config/people/ldap/query
'admin-sys' 'Membres Du Bureau' 'Utilisateurs inscrits'


je ne trouve pas de correspondance pour "laz_ldap" qui est la valeur de la colonne ldap_user_puid_sid dans users_field_data...

elle existe pourtant dans la base ;:
SELECT * FROM `key_value` WHERE `collection` = 'config.entity.key_store.ldap_server' LIMIT 50
config.entity.key_store.ldap_server uuid:a76db84f-61b3-4e8a-8435-a1d25e326af2 a:1:{i:0;s:28:"ldap_servers.server.laz_ldap";}

SELECT * FROM `cache_config` WHERE `data` LIKE '%LinuxAzur%' LIMIT 50
cid : ldap_servers.server.laz_ldap
data :
a:40:{s:4:"uuid";s:36:"a76db84f-61b3-4e8a-8435-a1d25e326af2";s:8:"langcode";s:2:"fr";s:6:"status";b:1;s:12:"dependencies";a:0:{}s:2:"id";s:8:"laz_ldap";s:5:"label";s:9:"LinuxAzur";s:4:"type";s:7:"default";s:7:"address";s:16:"ldap://localhost";s:4:"port";i:389;s:7:"timeout";N;s:3:"tls";b:0;s:10:"followrefs";N;s:6:"weight";N;s:11:"bind_method";s:15:"service_account";s:6:"binddn";s:38:"cn=drupal,ou=apps,dc=linux-azur,dc=org";s:6:"bindpw";s:20:"///";s:6:"basedn";s:30:"ou=people,dc=linux-azur,dc=org";s:9:"user_attr";s:3:"uid";s:17:"account_name_attr";s:3:"uid";s:9:"mail_attr";s:4:"mail";s:13:"mail_template";s:0:"";s:12:"picture_attr";s:9:"jpegphoto";s:22:"unique_persistent_attr";s:2:"dn";s:29:"unique_persistent_attr_binary";b:0;s:18:"user_dn_expression";s:21:"uid=%username,%basedn";s:23:"testing_drupal_username";s:0:"";s:22:"testing_drupal_user_dn";s:0:"";s:10:"grp_unused";b:0;s:14:"grp_object_cat";s:8:"memberof";s:10:"grp_nested";b:1;s:25:"grp_user_memb_attr_exists";b:0;s:18:"grp_user_memb_attr";s:0:"";s:13:"grp_memb_attr";s:8:"memberof";s:29:"grp_memb_attr_match_user_attr";s:9:"memberuid";s:18:"grp_derive_from_dn";s:1:"1";s:23:"grp_derive_from_dn_attr";s:2:"ou";s:15:"grp_test_grp_dn";s:0:"";s:25:"grp_test_grp_dn_writeable";s:0:"";s:17:"search_pagination";b:0;s:16:"search_page_size";N;}