Hi all
We are connecting a Moodle 2.7.latest site to a new ActiveDirectory. It almost works. Every time a user logs in the above warning comes up. One could work after clicking "Continue" though.
I searched this forum and according to the discussion "LDAP sync task - Duplicate user name - Samaccountname" https://moodle.org/mod/forum/discuss.php?d=352329 it could mean duplicate user names.
Can somebody confirm or shed light in to this?
Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Visvanath Ratnaweera -
Number of replies: 8
In reply to Visvanath Ratnaweera
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Emma Richardson -
The discussion you linked to has a totally different error message though - did you run the ldap sync and see a message about duplicate usernames?
In reply to Emma Richardson
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Visvanath Ratnaweera -
Hi Emma
It is quite possible that my clue was wrong!
No, I didn't run the ldap sync. The local adminstrator does not want it, for the simple reason that it will pull tens of thousends of users in to Moodle where as less than 100 are actually involved.
I have ldapsearch though.
It is quite possible that my clue was wrong!
No, I didn't run the ldap sync. The local adminstrator does not want it, for the simple reason that it will pull tens of thousends of users in to Moodle where as less than 100 are actually involved.
I have ldapsearch though.
In reply to Visvanath Ratnaweera
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Iñaki Arenaza -
Hi Visvanath,
the first warning comes from the ldap membership group checking code. As fas as I can see, that code is only called from the iscreator() method. And that call is only performed if the 'Creators' setting is non-empty. It looks like that setting contains a value that is not an actual existing group distinguished name (or group DNs, separated by semi-colons). That's why you get the warning: the LDAP server can't read (access) that particular LDAP object. So make sure all the configured creators groups are using the right distinguished names (or make sure the setting is completely empty).
The login process can continue regardless of this warning because being a creator (or not) doesn't prevent the user from login. The only difference lays in whether you also get the course creator role or not.
Regarding the second and third notice and warning, they come from the Active Directory password expiration checking code (so I guess you have password expiration checking enabled). Moodle is trying to read the 'maxPwdAge' attribute from Active Directory LDAP root, but it's not getting anything back from LDAP server (which is a bit unexpected). But the code tries to use the expected value anyway. That's why you get the warnings. Again, this does not prevent the user from login, as PHP treats an empty value as 0 (zero), and the AD expiration code interprets that as the AD domain being configured with to ignore password expiration.
I can think of two possible options for this problem to occur:
- The configured bind user doesn't have enough permissions to read maxPwdAge (regular users can read that attribute in a default AD setup in Windows 2003, 2008 and 2012, but your AD administrator might have applied more restrictive settings),
- Your Moodle site is using a Global Catalog as the LDAP server, where the maxPwdAge attribute is not available.
Saludos. Iñaki.
In reply to Iñaki Arenaza
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Matteo Scaramuccia -
Hi Iñaki,
thanks for your deep diving into these warnings (Global Catalog bit included): worth filing an issue to cleanup the code, included comments with some bits of your explanation above?
In reply to Iñaki Arenaza
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Visvanath Ratnaweera -
Hi Iñaki
Thanks a lot for such an in-depth report!
The first statement is confirmed in the mean time:
> And that call is only performed if the 'Creators' setting is non-empty. It looks like that setting contains a value that is not an actual existing group distinguished name (or group DNs, separated by semi-colons)
There was a "Course creator" setting which was inherited from the previous AD, which was apparently not being used. Deleted that and the first error message is gone!
I have no control over the other two, the AD comes from another dept. (Even if I had access, I won't understand what you are talking about. ;) Sent the link to the other party and waiting for the reply.
Thanks a lot for such an in-depth report!
The first statement is confirmed in the mean time:
> And that call is only performed if the 'Creators' setting is non-empty. It looks like that setting contains a value that is not an actual existing group distinguished name (or group DNs, separated by semi-colons)
There was a "Course creator" setting which was inherited from the previous AD, which was apparently not being used. Deleted that and the first error message is gone!
I have no control over the other two, the AD comes from another dept. (Even if I had access, I won't understand what you are talking about. ;) Sent the link to the other party and waiting for the reply.
In reply to Iñaki Arenaza
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Visvanath Ratnaweera -
Hi Iñaki
A late report about the two warnings, you wrote:
> Regarding the second and third notice and warning, they come from the Active Directory password expiration checking code (so I guess you have password expiration checking enabled). Moodle is trying to read the 'maxPwdAge' attribute from Active Directory LDAP root, but it's not getting anything back from LDAP server (which is a bit unexpected). But the code tries to use the expected value anyway. That's why you get the warnings.
Couldn't get the AD to move. I've matched Moodle instead by setting > LDAP password expiration setting: Expiration='no'. The warnings vanished.
Do you see potential conflicts in the solution above?
A late report about the two warnings, you wrote:
> Regarding the second and third notice and warning, they come from the Active Directory password expiration checking code (so I guess you have password expiration checking enabled). Moodle is trying to read the 'maxPwdAge' attribute from Active Directory LDAP root, but it's not getting anything back from LDAP server (which is a bit unexpected). But the code tries to use the expected value anyway. That's why you get the warnings.
Couldn't get the AD to move. I've matched Moodle instead by setting > LDAP password expiration setting: Expiration='no'. The warnings vanished.
Do you see potential conflicts in the solution above?
In reply to Visvanath Ratnaweera
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Iñaki Arenaza -
Potential conflicts? Only if you need password expiry checking
If you don't, then no problem at all.
Saludos. Iñaki.
In reply to Iñaki Arenaza
Re: Warning: array_change_key_case() expects parameter 1 to be array, null given in /var/www/moodle2/auth/ldap/auth.php on line 2066
by Visvanath Ratnaweera -
Iñaki, thanks a lot for the quick reply! So I will leave this setting at 'no'.
If there'll be a backlash, then will tackle it then.
If there'll be a backlash, then will tackle it then.