Open Startouf opened 9 years ago
same problem here. does replacing 'uniqueMember' with 'memberUid' really solve the problem?
I don't know. Because I could afford to change my LDAP structure, I decided to switch to objectType GroupeOfUniqueNames to have the uniqueMember attribute (I had to create the groups anyway and only a few of them were already POSIX groups).
However the solution should work. Or that's the feeling I got when I looked at the packets from Wireshark. I believe you could use whatever attribute name you want.
My LDAP has groups of objectType
posixGroup
, and they don't haveuniqueMember
attribute but insteadmemberUid
attribute.Hence,
LDAP::Adapter.get_groups()
will fail because it had a hardcoded 'uniqueMember' filter (ldap/connection.rb line 173)This attribute should be instead specified in the config file. Or rather, it would be great if we could check user groups with multiple attributes.