LDAP group filters

Hi there, I'm running TeamCity 2018.2.4 and have successfully managed to connect my LDAP repository.

While users are synced properly, I have an issue with groups.

The LDAP directory I'm using doesn't have any attribute that stores `DN` on groups. The closes attribute I have is the node name.

Group DN is `cn=AllUsers,ou=groups,dc=...,dc=com` and `cn=AllUsers` is set on the group.

My TeamCity configuration is the following

# teamcity.groups.distinguishedName= no attribute contains the dn, so it defaults to `distinguishedName`

The resulting filter is:


Is there a way to override this filter and replace it by custom one? Ideally, I would like to replace it with


That's what I use when querying my LDAP directory with `ldapsearch`, specifying the base as a separate parameter.

Comment actions Permalink


Unfortunately, there is no way to turn off that search by distinguishedName attribute.

We have an alike sounding issue in our tracker: https://youtrack.jetbrains.com/issue/TW-44079, though.

Comment actions Permalink

Thanks Yegor!

The issue sounds very similar. I'll look forward to have it.


Please sign in to leave a comment.