LDAP: improve POSIX support (#18235)

* LDAP: improve POSIX support * Correctly abtain DN attributes result * Allow more flexibility with comparison mapping between POSIX group & user * Add devenv for POSIX LDAP server * Correct the docs Fixes #18140
2025-02-25 18:55:37 -06:00 · 2019-07-24 12:49:18 +03:00
parent a4b0ccc138
commit 1e5fc76601
10 changed files with 187 additions and 36 deletions
--- a/pkg/services/ldap/ldap.go
+++ b/pkg/services/ldap/ldap.go
@@ -266,7 +266,9 @@ func (server *Server) Users(logins []string) (
 		return nil, err
 	}

-	server.log.Debug("LDAP users found", "users", spew.Sdump(serializedUsers))
+	server.log.Debug(
+		"LDAP users found", "users", spew.Sdump(serializedUsers),
+	)

 	return serializedUsers, nil
 }
@@ -327,6 +329,9 @@ func (server *Server) getSearchRequest(
 		inputs.Email,
 		inputs.Name,
 		inputs.MemberOf,
+
+		// In case for the POSIX LDAP schema server
+		server.Config.GroupSearchFilterUserAttribute,
 	)

 	search := ""
@@ -489,6 +494,7 @@ func (server *Server) requestMemberOf(entry *ldap.Entry) ([]string, error) {

 		if len(groupSearchResult.Entries) > 0 {
 			for _, group := range groupSearchResult.Entries {
+
 				memberOf = append(
 					memberOf,
 					getAttribute(groupIDAttribute, group),