LDAP group filters
Hi there, I'm running TeamCity 2018.2.4 and have successfully managed to connect my LDAP repository.
While users are synced properly, I have an issue with groups.
The LDAP directory I'm using doesn't have any attribute that stores `DN` on groups. The closes attribute I have is the node name.
Group DN is `cn=AllUsers,ou=groups,dc=...,dc=com` and `cn=AllUsers` is set on the group.
My TeamCity configuration is the following
teamcity.options.groups.synchronize=true
teamcity.groups.base=ou=groups
teamcity.groups.filter=(objectClass=groupofUniqueNames)
# teamcity.groups.distinguishedName= no attribute contains the dn, so it defaults to `distinguishedName`
The resulting filter is:
(&(objectClass=groupofUniqueNames)(distinguishedName=cn=AllUsers,ou=groups,dc=cloudflaretest,dc=oktapreview,dc=com))
Is there a way to override this filter and replace it by custom one? Ideally, I would like to replace it with
(&(objectClass=groupofUniqueNames)(cn=AllUsers))
That's what I use when querying my LDAP directory with `ldapsearch`, specifying the base as a separate parameter.
Please sign in to leave a comment.
Hello,
Unfortunately, there is no way to turn off that search by distinguishedName attribute.
We have an alike sounding issue in our tracker: https://youtrack.jetbrains.com/issue/TW-44079, though.
Thanks Yegor!
The issue sounds very similar. I'll look forward to have it.