Open ivory-mischke opened 2 months ago
@ivory-mischke Unfortunately I cannot test on ActiveDirectory. As it seems that you always get at least one AD group when running the synchronization, I believe the issue comes from a condition in the query. The code managing the AD groups listing is the following:
```php
// prepare query
$query = $connection->query();

// get all parameters to search
foreach (static::$objectClasses as $objectClass) {
    $query->where('objectclass', '=', $objectClass);
}

try {
    // perform query and get data
    $groups = $query->get();
    $groupsArr = [];
    foreach ($groups as $key => $group) {
        $adGroupId = (int) $group[(isset($settings['ldap_guid_attibute']) === true && empty($settings['ldap_guid_attibute']) === false ? $settings['ldap_guid_attibute'] : 'gidnumber')][0];
        $groupsArr[$adGroupId] = [
            'ad_group_id' => $adGroupId,
            'ad_group_title' => $group['cn'][0],
            'role_id' => -1,
            'id' => -1,
            'role_title' => '',
        ];
    }

    return [
        'error' => false,
        'message' => 'Groups fetched successfully.',
        'userGroups' => $groupsArr,
    ];
} catch (\Throwable $e) {
    return [
        'error' => true,
        'message' => 'LDAP Error: ' . $e->getMessage(),
        'userGroups' => [],
    ];
}
```
Can you please
```php
foreach (static::$objectClasses as $objectClass) {
    $query->where('objectclass', '=', $objectClass);
}
```

```php
/*
foreach (static::$objectClasses as $objectClass) {
    $query->where('objectclass', '=', $objectClass);
}
*/
```
This will remove the conditions added to the query. Please share the feedback.
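A second thing worth checking in the listing loop quoted above, shown as an added example that is not part of the thread or the project's code: the result array is keyed by the ID attribute cast to `int`, so entries whose ID attribute is missing or non-numeric all land on key `0` and overwrite each other. The function names `keyGroupsById` and `findIdCollisions` and the sample entries are hypothetical, and the sample assumes directory entries with no `gidnumber` and a non-numeric `objectguid`.

```php
<?php
declare(strict_types=1);

// Hypothetical helper mirroring the quoted loop: cast the ID attribute to int
// and use the result as the array key.
function keyGroupsById(array $groups, string $idAttr): array
{
    $out = [];
    foreach ($groups as $group) {
        // A missing attribute (null) or a non-numeric string both cast to 0.
        $id = (int) ($group[$idAttr][0] ?? null);
        $out[$id] = ['ad_group_id' => $id, 'ad_group_title' => $group['cn'][0]];
    }
    return $out;
}

// Hypothetical diagnostic: group names that end up sharing one integer key.
function findIdCollisions(array $groups, string $idAttr): array
{
    $byId = [];
    foreach ($groups as $group) {
        $byId[(int) ($group[$idAttr][0] ?? null)][] = $group['cn'][0];
    }
    // Keep only keys claimed by more than one group.
    return array_filter($byId, static fn(array $names): bool => count($names) > 1);
}

// Constructed sample entries (not taken from the thread). Assumption: no
// gidnumber is set, and objectguid holds a non-numeric placeholder value.
$groups = [
    ['cn' => ['Engineering'], 'objectguid' => ['guid-placeholder-a']],
    ['cn' => ['Finance'],     'objectguid' => ['guid-placeholder-b']],
    ['cn' => ['Helpdesk'],    'objectguid' => ['guid-placeholder-c']],
];

foreach (['gidnumber', 'objectguid'] as $attr) {
    printf(
        "%s: %d entries in, %d entries out\n",
        $attr,
        count($groups),
        count(keyGroupsById($groups, $attr))
    );
    foreach (findIdCollisions($groups, $attr) as $id => $names) {
        printf("  key %d shared by: %s\n", $id, implode(', ', $names));
    }
}
```

Running the collision check against the raw `$groups` result of the real query, before the keyed array is built, shows whether the directory returned several groups that were then collapsed into one.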
Thanks for the reply!
This is what my file looks like:
I'm still seeing only 1 group show up:
These are the groups in AD for the base DN LDAP config setting that I'm expecting to see.
@ivory-mischke
Have you tried to check if your attributes are the correct ones?
Perhaps the attribute `groupOfNames` could be added to current group