snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0

LDAP filter containing 'or' query not correctly recognized #11991

Open RKO1337 opened 1 year ago

RKO1337 commented 1 year ago

Debug mode

Describe the bug

We use an LDAP filter with an 'or' query which filters for two groups. When using the filter the warning "This value should probably not be wrapped in parentheses." is displayed.

Reproduction steps

  1. Use LDAP filter (|(memberof=cn=staff,ou=groups,dc=xxxxx,dc=xx)(memberof=cn=almost-staff,ou=groups,dc=xxxx,dc=xx))
  2. Try "Test LDAP Login": "ldap_search(): Search: Bad search filter" is displayed ...

Expected behavior

Users of groups "staff" and "almost-staff" are able to login.

Screenshots

No response

Snipe-IT Version

v6.0.12-alpine

Operating System

alpine

Web Server

httpd provided in Docker image

PHP Version

PHP 7.4.26

Operating System

No response

Browser

No response

Version

No response

Device

No response

Operating System

No response

Browser

No response

Version

No response

Error messages

No response

Additional context

No response

welcome[bot] commented 1 year ago

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

uberbrady commented 1 year ago

Try something like:

&(|(memberof=cn=staff,ou=groups,dc=xxxxx,dc=xx)(memberof=cn=almost-staff,ou=groups,dc=xxxx,dc=xx))

The auth query will get appended to the LDAP filter, so you'll need that 'and' there. The parentheses then give you a subquery that's the 'OR' query that you're looking for.
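Added example (Python, not Snipe-IT's own code): a minimal RFC 4515 filter parser plus a model of the composition described in the comment above, showing why the reporter's parenthesised OR filter becomes a bad search filter once the auth clause is appended, and why the '&(...)' form composes to a proper AND. How the app joins the two pieces (wrap the configured filter in parentheses, append a username clause inside them) and the attribute name uid are assumptions made for this example.

```python
def parse_filter(text: str):
    """Parse an RFC 4515 search filter into nested tuples; raise ValueError if malformed.
    Handles '&' / '|' filter lists and simple attr=value items (negation omitted)."""
    def parse(i):
        if i >= len(text) or text[i] != "(":
            raise ValueError(f"expected '(' at offset {i}")
        i += 1
        op = text[i] if i < len(text) else ""
        if op in ("&", "|"):                      # filter list: (&(f1)(f2)...) / (|(f1)(f2)...)
            i, parts = i + 1, []
            while i < len(text) and text[i] == "(":
                node, i = parse(i)
                parts.append(node)
            if not parts:
                raise ValueError(f"empty filter list at offset {i}")
            node = (op, parts)
        else:                                     # simple item: attr=value, no nested parens
            end = text.find(")", i)
            if end == -1 or "(" in text[i:end] or "=" not in text[i:end]:
                raise ValueError(f"bad filter item at offset {i}")
            attr, _, value = text[i:end].partition("=")
            node, i = ("=", attr, value), end
        if i >= len(text) or text[i] != ")":
            raise ValueError(f"expected ')' at offset {i}")
        return node, i + 1

    node, end = parse(0)
    if end != len(text):
        raise ValueError(f"trailing characters at offset {end}")
    return node

def compose_auth_filter(configured: str, username: str) -> str:
    """ASSUMPTION (models the comment above, not Snipe-IT's code): the app wraps the
    configured filter in parentheses and appends its own username clause inside them."""
    return f"({configured}(uid={username}))"

def filter_is_valid(configured: str, username: str = "itam-almost-staff") -> bool:
    """True if the composed filter is syntactically valid (what ldap_search() would accept)."""
    try:
        parse_filter(compose_auth_filter(configured, username))
        return True
    except ValueError:
        return False

def auth_clause_is_conjunct(configured: str, username: str = "itam-almost-staff") -> bool:
    """True only when the composed filter is an AND whose final operand is the auth clause,
    i.e. the group restriction and the username check must both match."""
    node = parse_filter(compose_auth_filter(configured, username))
    return node[0] == "&" and node[1][-1] == ("=", "uid", username)
```

Checking auth_clause_is_conjunct as well as filter_is_valid catches the case where an unwrapped top-level '|' filter is accepted by the server but turns the username check into just one more alternative rather than a requirement.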

RKO1337 commented 1 year ago

I created two users: itam-staff (member of group staff) and itam-almost-staff (member of group almost-staff).

Only itam-staff is able to login with your provided LDAP Filter. Both users are synced to SnipeIT.

[screenshot]

Test LDAP Login itam-staff

[screenshot]

Test LDAP Login itam-almost-staff

[screenshot]

I added the user itam-almost-staff to the group staff for testing. I was able to login as the user, and the Test LDAP Login in the LDAP configuration page worked.

When the user itam-almost-staff is removed from the group staff the user is still able to login, but the Test LDAP Login in the LDAP configuration page is failing.