Page 2 of 2

Re: LDAP

Posted: 17 Oct 2017, 14:43
by albertocastillo2001
Thank you. I also checked the ldap info page. Seems that the only kind of allowed groups are based on "groupofnames" class. I guess it's not possible to use "posixGroups" right?

Thanks

Enviado desde mi ONE A2003 mediante Tapatalk

Re: LDAP

Posted: 17 Oct 2017, 16:46
by Madsonic
albertocastillo2001 wrote:Thank you. I also checked the ldap info page. Seems that the only kind of allowed groups are based on "groupofnames" class. I guess it's not possible to use "posixGroups" right?

Thanks

Enviado desde mi ONE A2003 mediante Tapatalk
Try to setup your Madsonic Ldap configuration as follow:

LDAP group filter:

Code: Select all

(memberUid={1})

LDAP group role attribute:

Code: Select all

cn
Tested with OpenLDAP on Ubuntu 17.04 server

LDIF example:

Code: Select all

dn: ou=possix,dc=madsonic,dc=org
objectClass: organizationalUnit
objectClass: top
ou: possix

dn: cn=madsonic.admin,ou=groups,dc=madsonic,dc=org
objectClass: posixGroup
objectClass: top
cn: madsonic.admin
gidNumber: 1002
memberUid: bob

dn: cn=madsonic.config,ou=possix,dc=madsonic,dc=org
objectClass: posixGroup
objectClass: top
cn: madsonic.config
gidNumber: 1001
memberUid: bob

dn: uid=bob,ou=users,dc=madsonic,dc=org
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: top
cn: bob
gidNumber: 500
homeDirectory: /home/users/bob
sn: bob
uid: bob
uidNumber: 1002
userPassword: bob
Best regards

Re: LDAP

Posted: 17 Oct 2017, 16:47
by albertocastillo2001
That's the way I did with the older stable version. It would never grab the roles. I will try with the latest one available. Thanks!

Enviado desde mi ONE A2003 mediante Tapatalk

Re: LDAP

Posted: 13 Dec 2017, 23:36
by albertocastillo2001
Hi!

I am really sorry I couldn't answer before. but had to halt this project for a while.
I came back to it today and attempted to setup LDAP using posixGroups.

I had to reinstall Madsonic snapshot due to the license key no longer being valid. However, using the trial it seems to work well using posixGroups, auth is done properly with the correct user level depending on the group the user is added.

Thanks!