Augmentation does not work with OpenDJ

Open Odi81 opened this issue 2 years ago • 5 comments

We are using SharePoint with OpenDJ. Augmentation does not work because the group membership attribute is "isMemberOf": https://backstage.forgerock.com/docs/opendj/2.6/configref/is-member-of-virtual-attribute.html

The LDAP query only includes the attributes "memberOf" and "uniquememberof". This results in the log message: [LDAPCP] Got 0 group(s) for user "###" in 568 ms from LDAP server "LDAP://###.com:636"

We need an option to change the attributes used for augmentation, or is there a way to configure this?

Odi81 avatar Aug 31 '22 09:08 Odi81

@Odi81 I am away this week, but I will come back to you next week on this topic. Thank you for your patience.

Yvand avatar Sep 05 '22 14:09 Yvand

Coming back on this topic, I confirm this cannot be configured, unfortunately. Is it something you actually need, or just an FYI?

Yvand avatar Sep 12 '22 14:09 Yvand

@Yvand Yes, we need group based authorization. We have tested the claims provider after extending the GroupMembershipAttributes variable and it worked.

If this can be included in a future release, the issue will be solved.

Odi81 avatar Sep 13 '22 07:09 Odi81

Noted. Indeed, for the time being you can manually edit this property to include your LDAP property, which is exactly what the code change would do anyway. Thanks for reporting this.

Yvand avatar Sep 19 '22 15:09 Yvand
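
The effect discussed in this thread, as an added example (not LDAPCP's code and not written by either participant): group resolution driven by a configurable list of membership attributes, run over a constructed entry that only carries `isMemberOf`. The function names, the sample entry and its DNs are assumptions made for the illustration.

```python
import re

# Attribute names quoted in the issue: the two the query includes, plus the
# OpenDJ virtual attribute the reporter added to the membership list.
DEFAULT_ATTRS = ["memberOf", "uniquememberof"]
EXTENDED_ATTRS = DEFAULT_ATTRS + ["isMemberOf"]

# Constructed entry (not real data), keyed as a server might return it.
SAMPLE_ENTRY = {
    "uid": ["jdoe"],
    "ismemberof": [
        "cn=SP Readers,ou=groups,dc=example,dc=com",
        "CN=Finance\\, EMEA,ou=groups,dc=example,dc=com",
        "cn=sp readers,ou=groups,dc=example,dc=com",  # duplicate, other case
    ],
}

def unescape(value):
    """Decode RFC 4514 escapes: backslash + hex pair, or backslash + char."""
    out = bytearray()
    for m in re.finditer(r"\\([0-9A-Fa-f]{2})|\\?(.)", value, re.S):
        out += bytes([int(m.group(1), 16)]) if m.group(1) else m.group(2).encode()
    return out.decode("utf-8", "replace")

def group_name(dn):
    """Return the first value of the leading RDN, or None if dn is malformed."""
    m = re.match(r"\s*[^=,+]+=((?:\\.|[^,+\\])*)", dn, re.S)
    return unescape(m.group(1)) if m else None

def resolve_groups(entry, membership_attrs):
    """Collect group names from the configured membership attributes only."""
    wanted = {a.lower() for a in membership_attrs}  # LDAP names ignore case
    seen, groups = set(), []
    for attr, values in entry.items():
        if attr.lower() not in wanted:
            continue
        for dn in values:
            name = group_name(dn)
            if name is None or dn.lower() in seen:  # simplified DN comparison
                continue
            seen.add(dn.lower())
            groups.append(name)
    return groups

if __name__ == "__main__":
    print(resolve_groups(SAMPLE_ENTRY, DEFAULT_ATTRS))   # nothing matches
    print(resolve_groups(SAMPLE_ENTRY, EXTENDED_ATTRS))
```

With the two-attribute list the user resolves to no groups, so any group-based authorization rule silently fails to match; the extended list yields both groups.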

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Oct 20 '22 01:10 stale[bot]