LDAP group members configuration


#1

Hi,

I was able to configure LDAP plugin, basic approach, so I can see users and groups in Admin web app but can’t see users in groups or groups the user belongs to.

I understand it is related to groupSearchBase, groupSearchFilter, etc properties but can’t figure it out what may be a proper configuration.

I suspect it is the way LDAP server is configured. It is actually an Active Directory, Windows 2008 I guess.

Users are organized in a tree starting with distinguishedName OU=Usuarios,OU=Maipu,DC=comuna,DC=maipu and grouped under

OU=Areas Comuna,OU=Usuarios,OU=Maipu,DC=comuna,DC=maipu
OU=Delegaciones,OU=Usuarios,OU=Maipu,DC=comuna,DC=maipu
OU=Directivos,OU=Usuarios,OU=Maipu,DC=comuna,DC=maipu
OU=Informatica,OU=Usuarios,OU=Maipu,DC=comuna,DC=maipu

maipu
   comuna
       Maipu
           Computadoras
           Servidores
           Usuarios
               Areas Comuna
               Delegaciones
               Directivos
               Informatica
                   Diego Gil

so, a user is (f.i.) :

CN=Diego Gil,OU=Informatica,OU=Usuarios,OU=Maipu,DC=comuna,DC=maipu

No groups, no member, no memberOf, no managedBy info in this tree. I am not very used to Active Directory, or LDAP. The only part where there are some group info is on CN=Builtin,DC=comuna,DC=maipu but I think is too related to Windows.

Any suggestion about how to discover / configure the user - group relationship in ldap plugin ?

I will not be able to continue with Authorizations until I fix this issue.

Regards,
Diego.