Filter not respected. - Githubissues

matrix-org / matrix-synapse-ldap3

An LDAP3 auth provider for Synapse

Apache License 2.0

127 stars 46 forks source link

Filter not respected. #169

Open Juronski opened 2 years ago

Juronski commented 2 years ago

Hi,

I have a working filter for OpenLDAP. I want to use it with matrix-synapse-ldap3 but it is not respected when logging in. The filter works when I use it with ldapsearch. And it does not work on matrix-synapse-ldap3. The filter is: filter: "(memberOf=cn=names,ou=group,dc=domain,dc=xyz)"

I use matrix-synapse-ldap3-0.2.1, matrix-synapse-1.63.1, openldap26-server, element-web-1.11.1, FreeBSD-13.1.

Am I missing something?

Thank You in advance. J.

Juronski commented 2 years ago

Does the filter work at all? When I filter on membership information in the user objects, the filter is also not respected. The following filter works with ldapsearch but does not give a result with matrix-synapse-ldap3 (everybody in the user object can login): filter: "(&(objectClass=inetOrgPerson)(mail=*@domain.xyz))"

z-eos commented 1 year ago

confirm, for me filter is ignored if bind_* options are unset

matrix-synapse-ldap3-0.2.2

zeo101 commented 1 year ago

At first, my group memberOf filter also did not work. After I moved the filter line directly beneath the bind line, it is respected.