LDAP User Manager - group configuration question



  • I'm trying to configure an LDAP server for user authentication. I've got as far as being able to authenticate (as in Diagnostics / Authentication indicates that users can authenticate), but I can't get group information to be associated with the user.

    My users are stored in ou=Users,dc=localdomain and are identified by uid.

    I've got ou=Groups,dc=localdomain holding my groups, including one with a cn=admins (as rdn). These groups have a 'member' attribute.

    The member attribute value for admins is uid=testuser,ou=Users,dc=localdomain

    I've set 'User naming attribute' to 'uid', 'Group naming attribute' to 'cn' and 'Group member attribute' to 'member'.

    'Groups' and 'Users' are both configured as authentication containers.

    What do I need to change to get the group information to be associated with the user?

    Version is 2.0-RC1 (amd64) built on Sat Feb 26 18:07:23 EST 2011



  • Looking in my LDAP logs, it seems as if the group search is of the form:

    SRCH base="uid=testuser,ou=people,dc=localdomain" scope=2 filter="(uid=testuser)" attrs="member"
    

    which won't be searching in oe=groups.

    I can't see an obvious way of setting the search base for groups.


Locked