group membership checked against login instead of DN #911
Conversation
|
Hi @victort and thanks for your submission. Addons issues are centralized with core issues here: https://github.com/friendica/friendica/issues I'm not qualified to judge if your change is applicable to all cases but I'm glad it solved yours. I'm going to let people with more familiarity with LDAP to take a better glance than me. |
|
CC @nupplaphil |
|
I'm unsure about this. I have the feeling as if we should make it an option, but I don't have any LDAP server to test it. |
|
I agree it should be an option. Also, I'm confused why In my otherwise uninformed opinion, I too agree it should be an option, like anyway, thanks for considering. |
|
hi again, Just for the record, I've experienced a regression when I upgraded to |
|
I totally forgot about this. I guess we should make it configurable. Then the responsibility is in the hands of the administrator. |
|
Hi again. No, I don't think you necessarily merge this, BUT.. I did want to mention that after upgrading to 2020.7, had to make this adjustment again before I could log in. Thanks for playing! |
|
Like last year, I totally forgot. Can you enhance the PR so that this change is configurable? I'm not totally sure if the change would work with all systems. So having a configuration for that would be the best. |
Hi , sorry if this is out of the blue.
After weeks of messing with why Friendica won't work with LDAP, i finally narrowed my particular problem down to Group Membership not parsing the attribute value correctly.
for my LDAP groups, the
memberUidattribute is not filled with DNs of my users, but theuids of my users.So after changing
$dnto$res, suddenly all my group members would resolve!It's a very minor change, but it might affect someone else.
I didn't see an issues tab on the
friendica-addonsrepo, so I thought I'd just submit this change the pull request way. Sorry if this is out of sequence or something. While not a coder at all, I am happy to help resolve this any other way you'd like.