problem with 'filter' setting

[silas101]

I'm using the discourse-ldap-auth plugin for Discourse which is based on this plugin. We're binding to Active Directory. For the "filter" field, I'm using the following syntax:

memberOf=CN=Group,OU=Users,DC=Domain,DC=com

Authentication works for the user if that user is the only member of "Group". However, if more than one member is added to "Group", only the first user account on the group membership list is able to authenticate. Am I using the syntax for the 'filter' field incorrectly?

[nkreevo]

experiencing the same problem rn... any updates?

:filter => '(&(objectClass=user)(memberOf=CN=Group1,OU=unit1,OU=unit2,OU=unit3,DC=mydomain,DC=local))',

also makes no difference to

:filter => '(&(memberOf=CN=Group1,OU=unit1,OU=unit2,OU=unit3,DC=mydomain,DC=local))',

i also use gitea with ldap, where i have the following filter settings:

:filter => '(&(objectClass=user)(memberOf=CN=Group1,OU=unit1,OU=unit2,OU=unit3,DC=mydomain,DC=local)(sAMAccountName=%s))',

[pboling]

@silas101 @nkreevo I've added comprehensive documentation for how to use the filter. https://github.com/omniauth/omniauth-ldap#using-a-custom-filter The main thing that sticks out is the uid=%{username} part. Let me know if the documentation is still lacking, or if you can reproduce the issue in a spec test. This library now has 98% line coverage, so the behaviors are fairly well spec'd now, including with an integration test suite. Hopefully you can recreate what you are experiencing in the specs.

[pboling]

I'm going to close this, assuming that it is now working properly. @nkreevo If you still have the issue with v2.3.1+ please let me know.