Closed cdaecke closed 2 years ago
Maybe a bit late, but might be helpful for others:
Your filter has a typo, you will be using duplicate CN=
.
Change your filter from:
(&(member:1.2.840.113556.1.4.1941:=CN={USERDN})(objectClass=group))
to:
(&(member:1.2.840.113556.1.4.1941:={USERDN})(objectClass=group))
And make sure to set LDAP » Relation between groups and users
to Group contains the list of its members
, otherwise the group query is useless, as the memberOf
property of the user would be used (which doesn't contain the recursive groups).
is it to be considered solved?
Yes, thanks a lot!
First of all: A big thank you for this great extension!
Now my question/problem/challenge: I would like to get the users of a subgroup, which I do not import into TYPO3. My configuration in the backend module
LDAP / SSO
in the tabFE_GROUPS
is the following:Base DN:
ou=Intranet,ou=GROUPS,ou=MyBusiness,dc=example,dc=com
Filter:
(&(member={USERDN})(objectClass=group))
This works perfectly fine and returns the groups of the Active Directory below the branch
Intranet
.Active directory tree:
MyBusiness |- GROUPS |-- Intranet |--- Sub 1 |--- Sub 2 |-- Other
Other
is memberOfSub 1
.Now I would like to give access to the group
Sub 1
which has no users attached itself, but is member ofOther
. Since I don't get the groupOther
, because it is outside of theIntranet
tree, it seems to not knowing the users ofOther
.Is there a way to get this working?
With the following filter, I get everything I need for one user:
(&(member:1.2.840.113556.1.4.1941:=CN=MyName,OU=abc,OU=def,OU=hij,OU=MyBusiness,DC=example,DC=com)(objectClass=group))
But the following, general approach, returns nothing:
(&(member:1.2.840.113556.1.4.1941:=CN={USERDN})(objectClass=group))
Any hint is much appreciated.