We are using Tiki 5.1 with LDAP Authentication. LDAP works fine so far. Permissions inside Tiki should be realized using LDAP (AD) Groups, adding/removing Users to AD Group to grant or revoke permissions in Tiki.
Synchronisation between AD -> Tiki works too... but
we have AD Groups with "," in its group name.
In /lib/smarty_tiki/function.treetable.php > function smarty_function_treetable() the $_checkbox and $_checkboxColumnInxed use preg_split() with "," as split character. This results in the error message: {treetable}: Number of items in _checkboxColumnIndex doesn not match items in _checkbox.
e.g. $_checkbox

    [0] => perm[Anonymous]
    [1] => perm[Registered]
    [2] => perm[BCIWEB_AG]
    [3] => perm[RBG
    [4] =>   Web Aministation & Entwicklung Team]
    [0] => Anonymous_hasPerm
    [1] => Registered_hasPerm
    [2] => BCIWEB_AG_hasPerm
    [3] => RBG,  Web Aministation & Entwicklung Team_hasPerm

Quickest (and dirtiest) way to fix it should be removing "," from AD Groupnames.
Other possibilities could be:

  • Changing Name in Database once, hoping it does not get re-synchonised with AD
  • Using a character for "encoding" parameters which can't be used in AD Names

Any other quick fix I forgot?


