Open KeiichiKun opened 5 years ago
The search filter can be anything, it doesn't have to be samaccountname
. Use the LDAP field which matches the username or email.
Yes, but all fields I can use are always referring to the group, not the members inside the group..
Actual behavior
Connection to ldap not working (web interface returns wrong usename/password)
Expected behavior
Login should not failed
Steps to reproduce the behavior
The AD structure is like
DC=mydomain,DC=dom --> OU=Firstou --> OU=Secondou --> CN=myuser and DC=mydomain,DC=dom --> CN=Users --> CN=Mygroup --> 2 members inside the group
In config.yml
ldap: enabled: true url: 'ldap://myip:389' bindDn: 'CN=myuser,OU=Secondou,OU=Firstou,DC=mydomain,DC=dom' bindCredentials: mypassword searchBase: 'CN=Mygroup,CN=Users,DC=mydomain,DC=dom' searchFilter: '(samaccountname={{username}})' tlsEnabled: false tlsCertPath: 'C:\example\root_ca_cert.crt'
The username will never be equal to samaccountname, maybe because samaccountname returns mygroup samaccountname, and not samaccountname of members inside the group
How can i achieve this?
Thanks