Comments (7)
That's the latest stable release, but not the latest beta, e.g. the docker image tagged "latest".
We're working towards a stable release, but the web UI is not quite there yet.
(Note that there's nothing unstable about latest, there's just only partial support of custom attributes in the web UI)
from lldap.
Does not work on 0.5.1-alpha either (Compiled commit 959bb90)
I made a group JellyfinUsers
, added a test user. When filtering for JellyfinUsers from Jellyfin, I get 0 users. I make another group jellyfinusers
, and that is detected without changing the filter.
Also, I am able to add duplicate group names.
My user and admin filter is set to (memberof=cn=JellyfinUsers,ou=groups,dc=example,dc=com)
.
Logs with only JellyfinUsers (containing user test in LLDAP
2024-02-25T21:07:59.758314135+00:00 INFO LDAP session [ 63.0ms | 0.16% / 100.00% ]
2024-02-25T21:07:59.766913454+00:00 INFO ┝━ LDAP request [ 62.6ms | 0.11% / 99.29% ]
2024-02-25T21:07:59.766942394+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 171, op: BindRequest(LdapBindRequest { dn: "uid=admin,ou=people,dc=example,dc=com", cred: LdapBindCred::Simple }), ctrl: [] }
2024-02-25T21:07:59.766944644+00:00 DEBUG │ ┝━ do_bind [ 62.5ms | 0.06% / 99.17% ] dn: uid=admin,ou=people,dc=example,dc=com
2024-02-25T21:07:59.766962910+00:00 DEBUG │ │ ┝━ bind [ 62.3ms | 0.01% / 98.90% ]
2024-02-25T21:07:59.766966305+00:00 DEBUG │ │ │ ┝━ get_password_file_for_user [ 84.6µs | 0.13% ] user_id: UserId(CaseInsensitiveString("admin"))
2024-02-25T21:07:59.767232511+00:00 DEBUG │ │ │ ┕━ passwords_match [ 62.2ms | 98.76% ] username: admin
2024-02-25T21:07:59.829457681+00:00 DEBUG │ │ ┝━ get_user_groups [ 134µs | 0.21% ] user_id: "admin"
2024-02-25T21:07:59.830037845+00:00 DEBUG │ │ │ ┕━ 🐛 [debug]: | return: {GroupDetails { group_id: GroupId(1), display_name: GroupName("lldap_admin"), creation_date: 2024-02-25T20:47:06.781239809, uuid: Uuid("b7063b5b-9796-31e0-9107-35f8c9e59cac"), attributes: [] }}
2024-02-25T21:07:59.830041148+00:00 DEBUG │ │ ┕━ 🐛 [debug]: Success!
2024-02-25T21:07:59.830045816+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: BindResponse(LdapBindResponse { res: LdapResult { code: Success, matcheddn: "", message: "", referral: [] }, saslcreds: None })
2024-02-25T21:07:59.831602463+00:00 INFO ┝━ LDAP request [ 330µs | 0.09% / 0.52% ]
2024-02-25T21:07:59.831609615+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 172, op: SearchRequest(LdapSearchRequest { base: "ou=people,dc=example,dc=com", scope: Subtree, aliases: Never, sizelimit: 1000, timelimit: 0, typesonly: false, filter: Equality("memberof", "cn=JellyfinUsers,ou=groups,dc=example,dc=com"), attrs: ["uid", "uid"] }), ctrl: [] }
2024-02-25T21:07:59.831610500+00:00 DEBUG │ ┝━ do_search [ 274µs | 0.24% / 0.44% ]
2024-02-25T21:07:59.832242246+00:00 DEBUG │ │ ┝━ 🐛 [debug]: | request.base: "ou=people,dc=example,dc=com" | scope: Users
2024-02-25T21:07:59.832243911+00:00 DEBUG │ │ ┕━ get_user_list [ 126µs | 0.02% / 0.20% ]
2024-02-25T21:07:59.832248563+00:00 DEBUG │ │ ┝━ 🐛 [debug]: | filters: MemberOf(GroupName("jellyfinusers"))
2024-02-25T21:07:59.832251305+00:00 DEBUG │ │ ┕━ list_users [ 115µs | 0.18% ] filters: Some(MemberOf(GroupName("jellyfinusers"))) | _get_groups: false
2024-02-25T21:07:59.832492067+00:00 DEBUG │ │ ┕━ 🐛 [debug]: | return: []
2024-02-25T21:07:59.832498945+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: SearchResultDone(LdapResult { code: Success, matcheddn: "", message: "", referral: [] })
2024-02-25T21:07:59.833296699+00:00 INFO ┕━ LDAP request [ 16.2µs | 0.03% ]
2024-02-25T21:07:59.833312425+00:00 DEBUG ┕━ 🐛 [debug]: | msg: LdapMsg { msgid: 173, op: UnbindRequest, ctrl: [] }
2024-02-25T21:07:59.835044802+00:00 INFO LDAP session [ 63.8ms | 0.14% / 100.00% ]
2024-02-25T21:07:59.841331605+00:00 INFO ┝━ LDAP request [ 63.3ms | 0.08% / 99.19% ]
2024-02-25T21:07:59.841341698+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 174, op: BindRequest(LdapBindRequest { dn: "uid=admin,ou=people,dc=example,dc=com", cred: LdapBindCred::Simple }), ctrl: [] }
2024-02-25T21:07:59.841344662+00:00 DEBUG │ ┝━ do_bind [ 63.3ms | 0.04% / 99.11% ] dn: uid=admin,ou=people,dc=example,dc=com
2024-02-25T21:07:59.841350931+00:00 DEBUG │ │ ┝━ bind [ 63.1ms | 0.02% / 98.85% ]
2024-02-25T21:07:59.841354646+00:00 DEBUG │ │ │ ┝━ get_password_file_for_user [ 104µs | 0.16% ] user_id: UserId(CaseInsensitiveString("admin"))
2024-02-25T21:07:59.841664410+00:00 DEBUG │ │ │ ┕━ passwords_match [ 63.0ms | 98.67% ] username: admin
2024-02-25T21:07:59.904669024+00:00 DEBUG │ │ ┝━ get_user_groups [ 139µs | 0.22% ] user_id: "admin"
2024-02-25T21:07:59.905370841+00:00 DEBUG │ │ │ ┕━ 🐛 [debug]: | return: {GroupDetails { group_id: GroupId(1), display_name: GroupName("lldap_admin"), creation_date: 2024-02-25T20:47:06.781239809, uuid: Uuid("b7063b5b-9796-31e0-9107-35f8c9e59cac"), attributes: [] }}
2024-02-25T21:07:59.905374791+00:00 DEBUG │ │ ┕━ 🐛 [debug]: Success!
2024-02-25T21:07:59.905378652+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: BindResponse(LdapBindResponse { res: LdapResult { code: Success, matcheddn: "", message: "", referral: [] }, saslcreds: None })
2024-02-25T21:07:59.907299300+00:00 INFO ┝━ LDAP request [ 421µs | 0.10% / 0.66% ]
2024-02-25T21:07:59.907308130+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 175, op: SearchRequest(LdapSearchRequest { base: "ou=people,dc=example,dc=com", scope: Subtree, aliases: Never, sizelimit: 1000, timelimit: 0, typesonly: false, filter: Equality("memberof", "cn=JellyfinUsers,ou=groups,dc=example,dc=com"), attrs: ["uid", "uid"] }), ctrl: [] }
2024-02-25T21:07:59.907309309+00:00 DEBUG │ ┝━ do_search [ 359µs | 0.32% / 0.56% ]
2024-02-25T21:07:59.908102083+00:00 DEBUG │ │ ┝━ 🐛 [debug]: | request.base: "ou=people,dc=example,dc=com" | scope: Users
2024-02-25T21:07:59.908104071+00:00 DEBUG │ │ ┕━ get_user_list [ 157µs | 0.02% / 0.25% ]
2024-02-25T21:07:59.908109570+00:00 DEBUG │ │ ┝━ 🐛 [debug]: | filters: MemberOf(GroupName("jellyfinusers"))
2024-02-25T21:07:59.908112598+00:00 DEBUG │ │ ┕━ list_users [ 144µs | 0.23% ] filters: Some(MemberOf(GroupName("jellyfinusers"))) | _get_groups: false
2024-02-25T21:07:59.908432374+00:00 DEBUG │ │ ┕━ 🐛 [debug]: | return: []
2024-02-25T21:07:59.908439881+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: SearchResultDone(LdapResult { code: Success, matcheddn: "", message: "", referral: [] })
2024-02-25T21:07:59.909342747+00:00 INFO ┕━ LDAP request [ 3.53µs | 0.01% ]
2024-02-25T21:07:59.909345710+00:00 DEBUG ┕━ 🐛 [debug]: | msg: LdapMsg { msgid: 176, op: UnbindRequest, ctrl: [] }
Logs with both JellyfinUsers (user test) and jellyfinusers (user test2) in LLDAP:
2024-02-25T21:10:29.665324661+00:00 INFO LDAP session [ 63.2ms | 0.17% / 100.00% ]
2024-02-25T21:10:29.671345797+00:00 INFO ┝━ LDAP request [ 62.8ms | 0.08% / 99.33% ]
2024-02-25T21:10:29.671354970+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 183, op: BindRequest(LdapBindRequest { dn: "uid=admin,ou=people,dc=example,dc=com", cred: LdapBindCred::Simple }), ctrl: [] }
2024-02-25T21:10:29.671357343+00:00 DEBUG │ ┝━ do_bind [ 62.8ms | 0.05% / 99.25% ] dn: uid=admin,ou=people,dc=example,dc=com
2024-02-25T21:10:29.671375496+00:00 DEBUG │ │ ┝━ bind [ 62.6ms | 0.01% / 98.99% ]
2024-02-25T21:10:29.671378423+00:00 DEBUG │ │ │ ┝━ get_password_file_for_user [ 54.4µs | 0.09% ] user_id: UserId(CaseInsensitiveString("admin"))
2024-02-25T21:10:29.671623020+00:00 DEBUG │ │ │ ┕━ passwords_match [ 62.5ms | 98.89% ] username: admin
2024-02-25T21:10:29.734177287+00:00 DEBUG │ │ ┝━ get_user_groups [ 131µs | 0.21% ] user_id: "admin"
2024-02-25T21:10:29.734762596+00:00 DEBUG │ │ │ ┕━ 🐛 [debug]: | return: {GroupDetails { group_id: GroupId(1), display_name: GroupName("lldap_admin"), creation_date: 2024-02-25T20:47:06.781239809, uuid: Uuid("b7063b5b-9796-31e0-9107-35f8c9e59cac"), attributes: [] }}
2024-02-25T21:10:29.734766091+00:00 DEBUG │ │ ┕━ 🐛 [debug]: Success!
2024-02-25T21:10:29.734769784+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: BindResponse(LdapBindResponse { res: LdapResult { code: Success, matcheddn: "", message: "", referral: [] }, saslcreds: None })
2024-02-25T21:10:29.736414560+00:00 INFO ┝━ LDAP request [ 311µs | 0.06% / 0.49% ]
2024-02-25T21:10:29.736434983+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 184, op: SearchRequest(LdapSearchRequest { base: "ou=people,dc=example,dc=com", scope: Subtree, aliases: Never, sizelimit: 1000, timelimit: 0, typesonly: false, filter: Equality("memberof", "cn=JellyfinUsers,ou=groups,dc=example,dc=com"), attrs: ["uid", "uid"] }), ctrl: [] }
2024-02-25T21:10:29.736435870+00:00 DEBUG │ ┝━ do_search [ 270µs | 0.20% / 0.43% ]
2024-02-25T21:10:29.736777519+00:00 DEBUG │ │ ┝━ 🐛 [debug]: | request.base: "ou=people,dc=example,dc=com" | scope: Users
2024-02-25T21:10:29.736778973+00:00 DEBUG │ │ ┝━ get_user_list [ 144µs | 0.02% / 0.23% ]
2024-02-25T21:10:29.736783258+00:00 DEBUG │ │ │ ┝━ 🐛 [debug]: | filters: MemberOf(GroupName("jellyfinusers"))
2024-02-25T21:10:29.736786283+00:00 DEBUG │ │ │ ┕━ list_users [ 133µs | 0.21% ] filters: Some(MemberOf(GroupName("jellyfinusers"))) | _get_groups: false
2024-02-25T21:10:29.737050917+00:00 DEBUG │ │ │ ┕━ 🐛 [debug]: | return: [UserAndGroups { user: User { user_id: UserId(CaseInsensitiveString("test2")), email: Email("[email protected]"), display_name: Some("test2"), creation_date: 2024-02-25T20:58:11.333751119, uuid: Uuid("a135652b-abdb-31f8-9601-2140339b9bba"), attributes: [] }, groups: Some([GroupDetails { group_id: GroupId(9), display_name: GroupName("jellyfinusers"), creation_date: 2024-02-25T21:09:39.859380476, uuid: Uuid("f3610e5d-b5c3-3650-9432-4466d38364ac"), attributes: [] }]) }]
2024-02-25T21:10:29.737054414+00:00 DEBUG │ │ ┕━ expand_attribute_wildcards [ 1.74µs | 0.00% ] ldap_attributes: ["uid", "uid"]
2024-02-25T21:10:29.737056153+00:00 DEBUG │ │ ┕━ 🐛 [debug]: | resolved_attributes: ["uid"]
2024-02-25T21:10:29.737063607+00:00 DEBUG │ ┝━ 🐛 [debug]: | response: SearchResultEntry(LdapSearchResultEntry { dn: "uid=test2,ou=people,dc=example,dc=com", attributes: [LdapPartialAttribute { atype: "uid", vals: ["test2"] }] })
2024-02-25T21:10:29.737080411+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: SearchResultDone(LdapResult { code: Success, matcheddn: "", message: "", referral: [] })
2024-02-25T21:10:29.778986925+00:00 INFO ┕━ LDAP request [ 8.68µs | 0.01% ]
2024-02-25T21:10:29.778994037+00:00 DEBUG ┕━ 🐛 [debug]: | msg: LdapMsg { msgid: 185, op: UnbindRequest, ctrl: [] }
2024-02-25T21:10:29.781152014+00:00 INFO LDAP session [ 64.6ms | 0.14% / 100.00% ]
2024-02-25T21:10:29.787116265+00:00 INFO ┝━ LDAP request [ 64.2ms | 0.07% / 99.32% ]
2024-02-25T21:10:29.787122121+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 186, op: BindRequest(LdapBindRequest { dn: "uid=admin,ou=people,dc=example,dc=com", cred: LdapBindCred::Simple }), ctrl: [] }
2024-02-25T21:10:29.787123972+00:00 DEBUG │ ┝━ do_bind [ 64.1ms | 0.03% / 99.25% ] dn: uid=admin,ou=people,dc=example,dc=com
2024-02-25T21:10:29.787128553+00:00 DEBUG │ │ ┝━ bind [ 64.0ms | 0.01% / 98.99% ]
2024-02-25T21:10:29.787131215+00:00 DEBUG │ │ │ ┝━ get_password_file_for_user [ 51.6µs | 0.08% ] user_id: UserId(CaseInsensitiveString("admin"))
2024-02-25T21:10:29.787351998+00:00 DEBUG │ │ │ ┕━ passwords_match [ 63.9ms | 98.90% ] username: admin
2024-02-25T21:10:29.851272098+00:00 DEBUG │ │ ┝━ get_user_groups [ 143µs | 0.22% ] user_id: "admin"
2024-02-25T21:10:29.851883218+00:00 DEBUG │ │ │ ┕━ 🐛 [debug]: | return: {GroupDetails { group_id: GroupId(1), display_name: GroupName("lldap_admin"), creation_date: 2024-02-25T20:47:06.781239809, uuid: Uuid("b7063b5b-9796-31e0-9107-35f8c9e59cac"), attributes: [] }}
2024-02-25T21:10:29.851886587+00:00 DEBUG │ │ ┕━ 🐛 [debug]: Success!
2024-02-25T21:10:29.851890703+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: BindResponse(LdapBindResponse { res: LdapResult { code: Success, matcheddn: "", message: "", referral: [] }, saslcreds: None })
2024-02-25T21:10:29.853712130+00:00 INFO ┝━ LDAP request [ 342µs | 0.09% / 0.53% ]
2024-02-25T21:10:29.853732677+00:00 DEBUG │ ┝━ 🐛 [debug]: | msg: LdapMsg { msgid: 187, op: SearchRequest(LdapSearchRequest { base: "ou=people,dc=example,dc=com", scope: Subtree, aliases: Never, sizelimit: 1000, timelimit: 0, typesonly: false, filter: Equality("memberof", "cn=JellyfinUsers,ou=groups,dc=example,dc=com"), attrs: ["uid", "uid"] }), ctrl: [] }
2024-02-25T21:10:29.853733704+00:00 DEBUG │ ┝━ do_search [ 285µs | 0.19% / 0.44% ]
2024-02-25T21:10:29.854142728+00:00 DEBUG │ │ ┝━ 🐛 [debug]: | request.base: "ou=people,dc=example,dc=com" | scope: Users
2024-02-25T21:10:29.854144064+00:00 DEBUG │ │ ┝━ get_user_list [ 160µs | 0.02% / 0.25% ]
2024-02-25T21:10:29.854149124+00:00 DEBUG │ │ │ ┝━ 🐛 [debug]: | filters: MemberOf(GroupName("jellyfinusers"))
2024-02-25T21:10:29.854152155+00:00 DEBUG │ │ │ ┕━ list_users [ 149µs | 0.23% ] filters: Some(MemberOf(GroupName("jellyfinusers"))) | _get_groups: false
2024-02-25T21:10:29.854493879+00:00 DEBUG │ │ │ ┕━ 🐛 [debug]: | return: [UserAndGroups { user: User { user_id: UserId(CaseInsensitiveString("test2")), email: Email("[email protected]"), display_name: Some("test2"), creation_date: 2024-02-25T20:58:11.333751119, uuid: Uuid("a135652b-abdb-31f8-9601-2140339b9bba"), attributes: [] }, groups: Some([GroupDetails { group_id: GroupId(9), display_name: GroupName("jellyfinusers"), creation_date: 2024-02-25T21:09:39.859380476, uuid: Uuid("f3610e5d-b5c3-3650-9432-4466d38364ac"), attributes: [] }]) }]
2024-02-25T21:10:29.854497716+00:00 DEBUG │ │ ┕━ expand_attribute_wildcards [ 1.86µs | 0.00% ] ldap_attributes: ["uid", "uid"]
2024-02-25T21:10:29.854499416+00:00 DEBUG │ │ ┕━ 🐛 [debug]: | resolved_attributes: ["uid"]
2024-02-25T21:10:29.854507332+00:00 DEBUG │ ┝━ 🐛 [debug]: | response: SearchResultEntry(LdapSearchResultEntry { dn: "uid=test2,ou=people,dc=example,dc=com", attributes: [LdapPartialAttribute { atype: "uid", vals: ["test2"] }] })
2024-02-25T21:10:29.854526575+00:00 DEBUG │ ┕━ 🐛 [debug]: | response: SearchResultDone(LdapResult { code: Success, matcheddn: "", message: "", referral: [] })
2024-02-25T21:10:29.898881360+00:00 INFO ┕━ LDAP request [ 8.72µs | 0.01% ]
2024-02-25T21:10:29.898888299+00:00 DEBUG ┕━ 🐛 [debug]: | msg: LdapMsg { msgid: 188, op: UnbindRequest, ctrl: [] }
from lldap.
So, the fix I mentioned was indeed intended to fix that issue, but it was half-botched and ended up introducing more issues... I finished it properly. You might want to delete your groups with duplicate names before upgrading or you'll get a hard startup error.
from lldap.
Also LLDAP allows me to create duplicate groups? I can create two groups with the exact same name. That looks like it shouldn't be possible, because if it has different members, searches will be a union of the two.
from lldap.
All of that should be fixed in latest, have you tried?
from lldap.
I installed from the LLDAP OBS package, which seems to match the latest release. Do you mean compiling the main branch myself?
root@kratos-id:~# lldap --version
lldap 0.5.0
from lldap.
I see. I am not using docker for lldap, I will compile main tomorrow and report back on how it goes. Thanks!
from lldap.
Related Issues (20)
- [INTEGRATION] Trying to use LLDAP with etherpad (plus ep_ldapauth_ng plugin) HOT 6
- [BUG] subpath don't work with image lldap/lldap:2024-03-07-debian|alpine HOT 4
- [INTEGRATION] AMP by cubecoders HOT 5
- [BUG] Ldap query to filter user present in two groups is always empty
- [FEATURE REQUEST] Paranoid logging mode
- [BUG] `lldap_password_manager` role does not see other users in the web UI HOT 5
- [INTEGRATION] Stalwart Mailserver HOT 3
- Traefik's PathPrefix supported? HOT 1
- [FEATURE REQUEST] Helm chart implementation details HOT 6
- [FEATURE REQUEST] Include bootstrap.sh in Docker image HOT 2
- [INTEGRATION] Trying to use LLDAP with LAM (Ldap Account Manager)
- [BUG] password reset: mail server error discloses user email
- Nested groups HOT 1
- [BUG] Email through Starttls not working HOT 2
- [FEATURE REQUEST] Return schema in RootDSE for better compatibility with Apache Directory Studio Browser HOT 6
- [FEATURE REQUEST] File-only database HOT 1
- [BUG] LDAP groups not working with Nextcloud HOT 2
- [FEATURE REQUEST] modifyTimestamp
- [FEATURE REQUEST] One checkbox per user to temporarily deny/allow access HOT 1
- [INTEGRATION] uidNumber: missing on nslcd authentication HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lldap.