Comments (3)
Works fine for me. My settings:
search filter: (&(objectClass=person)(uid={0})(memberof=cn=kasm,ou=groups,dc=example,dc=com))
group membership filter: (&(member={0})(objectClass=groupOfUniqueNames))
I'll try to submit a pull request with documentation next week.
My problem was I missed the need to add the "domain" to the login. So I need to login with [email protected]. Otherwise it wont even query the ldap server.
Thanks for this neat software nitnelave!
from lldap.
I guess we can close this? There is documentation now
from lldap.
Hi! I haven't tried myself to set up Kasm, but let me have a look at your config.
The group membership filter seems to be missing a member={0}
(unless it cut in the screenshot?): my understanding is that it returns all the user's groups, so it has to be filtered on a specific user.
If you want to only get users from a specific group, you can add a memberOf=cn=my_group,ou=groups,dc=..
to the search filter (the user search filter).
Now, for the login error: to check if a given user's password is correct, typical LDAP clients will try to log in as that user (and that's the recommended way). That's why you see a login error for the user, and not for the admin.
To better understand what's going on, it would be helpful to provide the full verbose logs (verbose=true
in the config or LLDAP_VERBOSE=true
in the env): that will include the queries and responses.
from lldap.
Related Issues (20)
- [INTEGRATION] Trying to use LLDAP with etherpad (plus ep_ldapauth_ng plugin) HOT 6
- [BUG] subpath don't work with image lldap/lldap:2024-03-07-debian|alpine HOT 4
- [INTEGRATION] AMP by cubecoders HOT 5
- [BUG] Ldap query to filter user present in two groups is always empty
- [FEATURE REQUEST] Paranoid logging mode
- [BUG] `lldap_password_manager` role does not see other users in the web UI HOT 5
- [INTEGRATION] Stalwart Mailserver HOT 3
- Traefik's PathPrefix supported? HOT 1
- [FEATURE REQUEST] Helm chart implementation details HOT 6
- [FEATURE REQUEST] Include bootstrap.sh in Docker image HOT 2
- [INTEGRATION] Trying to use LLDAP with LAM (Ldap Account Manager)
- [BUG] password reset: mail server error discloses user email
- Nested groups HOT 1
- [BUG] Email through Starttls not working HOT 2
- [FEATURE REQUEST] Return schema in RootDSE for better compatibility with Apache Directory Studio Browser HOT 6
- [FEATURE REQUEST] File-only database HOT 1
- [BUG] LDAP groups not working with Nextcloud HOT 2
- [FEATURE REQUEST] modifyTimestamp
- [FEATURE REQUEST] One checkbox per user to temporarily deny/allow access HOT 1
- [INTEGRATION] uidNumber: missing on nslcd authentication HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lldap.