[Solved] LDAP users defaults
- troycarpenter
- Posts: 138
- Joined: 03 Dec 2013, 19:16
- Has thanked: 28 times
- Been thanked: 50 times
[Solved] LDAP users defaults
Great job getting this out. Trying it out now.
First question...Is there any way to set the default user settings for LDAP users?
I have found that when my users log in for the first time using their LDAP credentials, their settings are like this:
Group: ALL
Allowed to change settings and passwords
Allowed to play files
I can easily change the ALL group to have more limited access, but I want the users to be able to use search functions and have some of the other options checked by default. I don't want to have to log in and change the settings and options for every domain user. I would have expected the default user settings to be used when creating a user, even from LDAP.
Thanks!
First question...Is there any way to set the default user settings for LDAP users?
I have found that when my users log in for the first time using their LDAP credentials, their settings are like this:
Group: ALL
Allowed to change settings and passwords
Allowed to play files
I can easily change the ALL group to have more limited access, but I want the users to be able to use search functions and have some of the other options checked by default. I don't want to have to log in and change the settings and options for every domain user. I would have expected the default user settings to be used when creating a user, even from LDAP.
Thanks!
- Madsonic
- Administrator
- Posts: 986
- Joined: 07 Dec 2012, 03:58
- Has thanked: 1204 times
- Been thanked: 470 times
Re: LDAP users defaults
i could link LDAP user default to the limited default group on create
this would be better as to the group all
this would be better as to the group all
- These users thanked the author Madsonic for the post:
- troycarpenter
- Rating: 7.69%
- troycarpenter
- Posts: 138
- Joined: 03 Dec 2013, 19:16
- Has thanked: 28 times
- Been thanked: 50 times
Re: LDAP users defaults
That is exactly what I would want!
Edit: Wait...are you saying you would tie it to the default user profile, or a different user profile? I would like to set up the default profile with the correct options and let all users be created from that, including the ones from LDAP.
Edit2: Ok, so now I read it closer, the only change you would make is that the group would be set to limited, but all the other options would remain the same. I still prefer what I said in the first edit.
Thanks!
Edit: Wait...are you saying you would tie it to the default user profile, or a different user profile? I would like to set up the default profile with the correct options and let all users be created from that, including the ones from LDAP.
Edit2: Ok, so now I read it closer, the only change you would make is that the group would be set to limited, but all the other options would remain the same. I still prefer what I said in the first edit.
Thanks!
- Madsonic
- Administrator
- Posts: 986
- Joined: 07 Dec 2012, 03:58
- Has thanked: 1204 times
- Been thanked: 470 times
Re: LDAP users defaults
i understand,
the best solution is if a LDAP user is created, it will be cloned from the default and set the membership to a group named LDAP.
the best solution is if a LDAP user is created, it will be cloned from the default and set the membership to a group named LDAP.
- These users thanked the author Madsonic for the post (total 2):
- troycarpenter • Ksmoove
- Rating: 15.38%
- troycarpenter
- Posts: 138
- Joined: 03 Dec 2013, 19:16
- Has thanked: 28 times
- Been thanked: 50 times
- troycarpenter
- Posts: 138
- Joined: 03 Dec 2013, 19:16
- Has thanked: 28 times
- Been thanked: 50 times
Re: LDAP users defaults
Just tested with the latest Beta 6.0.7200 load.
The LDAP user is created in Madsonic with the same attributes as the default user with one exception. The group is still ALL, not LDAP and not the group of the default user. I have made the ALL group have the same restrictions as the LIMITED group.
The LDAP user is created in Madsonic with the same attributes as the default user with one exception. The group is still ALL, not LDAP and not the group of the default user. I have made the ALL group have the same restrictions as the LIMITED group.
Re: LDAP users defaults
I haven't had any luck with LDAP on the latest build. Kinda wishing the implementation was closer to Subsonic's as just a proper search string is really all that is required. Can anyone help me convert this following string to what would fit in the madsonic LDAP boxes?
OMCUsers being a group. I'm primarily confused about the group searchbase, group filter and group role attribute. What is the purpose if the search filter can technically hold everything?
Code: Select all
(&(sAMAccountName={0})(&(objectCategory=user)(memberof=cn=OMCUsers,cn=Users,dc=domain,dc=com)))
- Madsonic
- Administrator
- Posts: 986
- Joined: 07 Dec 2012, 03:58
- Has thanked: 1204 times
- Been thanked: 470 times
Re: LDAP users defaults
hi there,
i test it with this settings and the LDAP query worked as expected, maybe only a misspelled config?
best regards
i test it with this settings and the LDAP query worked as expected, maybe only a misspelled config?
Code: Select all
LDAP URL: ldap://localhost:389/dc=madsonic,dc=org
LDAP search filter: (&(sAMAccountName={0})(objectCategory=user)(memberof=cn=madsonic,ou=groups,ou=organisation,dc=madsonic,dc=org))
LDAP group searchBase: ou=groups,ou=organisation
LDAP group filter: (member={0})
LDAP group role attribute: ou
LDAP manager DN : cn=manager,ou=users,ou=organisation,dc=madsonic,dc=org
Password: password
- troycarpenter
- Posts: 138
- Joined: 03 Dec 2013, 19:16
- Has thanked: 28 times
- Been thanked: 50 times
Re: LDAP users defaults
LDAP seems to be working EXCEPT for one biggie.
I have the default user set to play files (very important). However, when an LDAP user is created, that field is NOT checked, and when I go to edit the default user, that box is unchecked.
I can re-check the box in the default user, and it will stay checked UNTIL the next LDAP user is created, then it is unchecked.
That box needs to remain checked, if it is checked in the default user, and NOT modify the default user when an LDAP user is created.
Also, I had to create the LDAP group. After that, all subsequently created users had the LDAP group upon creation.
I have the default user set to play files (very important). However, when an LDAP user is created, that field is NOT checked, and when I go to edit the default user, that box is unchecked.
I can re-check the box in the default user, and it will stay checked UNTIL the next LDAP user is created, then it is unchecked.
That box needs to remain checked, if it is checked in the default user, and NOT modify the default user when an LDAP user is created.
Also, I had to create the LDAP group. After that, all subsequently created users had the LDAP group upon creation.
- These users thanked the author troycarpenter for the post:
- Madsonic
- Rating: 7.69%
- Madsonic
- Administrator
- Posts: 986
- Joined: 07 Dec 2012, 03:58
- Has thanked: 1204 times
- Been thanked: 470 times
- troycarpenter
- Posts: 138
- Joined: 03 Dec 2013, 19:16
- Has thanked: 28 times
- Been thanked: 50 times
Re: LDAP users defaults
It looks like the default user settings still has some other issues.
I have default user settings:
Creating a new user (non LDAP) give these settings instead:
Also, with the LDAP user example in my previous post, the User is locked box is usually checked while "User is allowed to play files" is unchecked. The default user is modifed to be the same settings after that.
Actually, I think this is a bug, so I will move it to the bug section.
http://forum.madsonic.org/viewtopic.php?f=63&t=1560
I have default user settings:
Code: Select all
User is locked (Disabled)
User is administrator
X User is allowed to change settings and password
X User is allowed to play files
X User is allowed to use the search functions
User is allowed to play files in jukebox mode
X User is allowed to download files
X User is allowed to upload files
User is allowed to share files with anyone
User is allowed to change cover art and tags
User is allowed to create and edit comments and ratings
User is allowed to administrate Podcasts
X User is allowed to use Last.FM Feature
Code: Select all
User is locked (Disabled)
User is administrator
X User is allowed to change settings and password
X User is allowed to play files
User is allowed to use the search functions
User is allowed to play files in jukebox mode
User is allowed to download files
User is allowed to upload files
User is allowed to share files with anyone
User is allowed to change cover art and tags
X User is allowed to create and edit comments and ratings
User is allowed to administrate Podcasts
User is allowed to use Last.FM Feature
Actually, I think this is a bug, so I will move it to the bug section.
http://forum.madsonic.org/viewtopic.php?f=63&t=1560