Open ForceFaction opened 5 months ago
@ForceFaction , what are the changes you propose? Please provide a sample Caddyfile snippet. What are the changes to “go-authcrunch”? https://github.com/greenpau/go-authcrunch/blob/main/pkg/ids/ldap/authenticator.go
The system should not assume memberof for LDAP. Every group contains a list of memberUids which should be searched instead for the users uid.
The Caddyfile needs a flag that disables memberof. Then the groups a user belongs to can be found with a search_group_filter like this
(&(memberUid=%s)(objectClass=posixGroup))
where %s is the uid of the user.