-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Group sync from LDAP #78
Comments
This could be caused by the underscore in group name. I am dealing with a search filter similar to this: This changed recently, the group was located in a OU without underscore before, and it was working fine. |
Please note that in-use LDAP code is here https://github.com/wekan/wekan/tree/master/packages , pull requests should be added to that repo. Not this wekan/ldap. I have not looked is some PR of this wekan/ldap repo is missing from wekan/wekan repo, because I don't have any LDAP server. |
Hi,
I successfully synchronized my AD from an OU.
Here is my configuration :
Key Value
default-authentication-method ldap
ldap-authentication true
ldap-authentication-password MYPASSWORDldap-authentication-userdn CN=kanbansyncad,OU=syncusers,DC=intra,DC=DOMAIN,DC=TLD
ldap-background-sync true
ldap-background-sync-import-new-users trueldap-background-sync-interval every 1 minute
ldap-background-sync-keep-existant-users-updated trueldap-basedn OU=usersbase,DC=intra,DC=DOMAIN,DC=TLD
ldap-connect-timeout 10000
ldap-enable true
ldap-encryption false
ldap-fullname-field cn
ldap-host 192.168.XXX.XXX
ldap-idle-timeout 10000
ldap-log-enabled true
ldap-login-fallback true
ldap-port 389
ldap-reconnect true
ldap-timeout 10000
ldap-user-search-field sAMAccountName
ldap-username-field sAMAccountName
mail-from kanban <[email protected]>
mail-url smtp://mail.XXXXXXX.fr:25
port 80
root-url http://kanban.XXXXXXXXX.xx
But I prefer to authorize only the users of a group.
I used a rule that I used to put but it doesn't work :
sudo snap set wekan ldap-user-search-filter='LDAP_USER_FILTER=(&(objectClass=user)(sAMAccountname=${user})(|(memberOf:1.2.840.113556.1.4.1941:=CN=KANBAN_Users,OU=syncgroups,DC=intra,DC=DOMAIN,DC=TLD)))'
Can someone help me ?
Thanks
The text was updated successfully, but these errors were encountered: