node-ldapauth-fork icon indicating copy to clipboard operation
node-ldapauth-fork copied to clipboard

Published 20 hours ago verified publisher icon vesse

groupSearchFilter is not checking if the user is part of the group

Open xanpri opened this issue 2 years ago • 0 comments

I'm using the MeshCentral application and trying to configure ldap to use groups. But group authentication is not working. I use Open LDAP to authenticate Linux systems and workstations.

Here's the configuration I'm using:

"ldapOptions": {
    "url": "URL",
    "bindDN": "USERBIND",
    "bindCredentials": "SUPERPASS",
    "searchBase": "ou=test,dc=DC,dc=DC,dc=br",
    "searchFilter": "(&(objectClass=posixAccount)(uid={{username}}))",
    "groupSearchBase": "ou=test,dc=DC,dc=DC,dc=br",
    "groupSearchFilter": "(&(objectClass=posixAccount)(cn=group1)(memberUid={{username}}))",
    "tlsOptions": { "rejectUnauthorized": false }
	},

Group1 data for groupSearchFilter search:

dn: cn=group1,ou=test,dc=DC,dc=DC,dc=br cn: group1 gidNumber: 11111 objectClass: top objectClass: posixGroup memberUid: user1 memberUid: user2 memberUid: user3

What could I be doing wrong in the group consultation?

xanpri avatar Jun 17 '22 17:06 xanpri