Page 2 of 2
Re: LDAP
Posted: 17 Oct 2017, 14:43
by albertocastillo2001
Thank you. I also checked the ldap info page. Seems that the only kind of allowed groups are based on "groupofnames" class. I guess it's not possible to use "posixGroups" right?
Thanks
Enviado desde mi ONE A2003 mediante Tapatalk
Re: LDAP
Posted: 17 Oct 2017, 16:46
by Madsonic
albertocastillo2001 wrote:Thank you. I also checked the ldap info page. Seems that the only kind of allowed groups are based on "groupofnames" class. I guess it's not possible to use "posixGroups" right?
Thanks
Enviado desde mi ONE A2003 mediante Tapatalk
Try to setup your Madsonic Ldap configuration as follow:
LDAP group filter:
LDAP group role attribute:
Tested with OpenLDAP on Ubuntu 17.04 server
LDIF example:
Code: Select all
dn: ou=possix,dc=madsonic,dc=org
objectClass: organizationalUnit
objectClass: top
ou: possix
dn: cn=madsonic.admin,ou=groups,dc=madsonic,dc=org
objectClass: posixGroup
objectClass: top
cn: madsonic.admin
gidNumber: 1002
memberUid: bob
dn: cn=madsonic.config,ou=possix,dc=madsonic,dc=org
objectClass: posixGroup
objectClass: top
cn: madsonic.config
gidNumber: 1001
memberUid: bob
dn: uid=bob,ou=users,dc=madsonic,dc=org
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: top
cn: bob
gidNumber: 500
homeDirectory: /home/users/bob
sn: bob
uid: bob
uidNumber: 1002
userPassword: bob
Best regards
Re: LDAP
Posted: 17 Oct 2017, 16:47
by albertocastillo2001
That's the way I did with the older stable version. It would never grab the roles. I will try with the latest one available. Thanks!
Enviado desde mi ONE A2003 mediante Tapatalk
Re: LDAP
Posted: 13 Dec 2017, 23:36
by albertocastillo2001
Hi!
I am really sorry I couldn't answer before. but had to halt this project for a while.
I came back to it today and attempted to setup LDAP using posixGroups.
I had to reinstall Madsonic snapshot due to the license key no longer being valid. However, using the trial it seems to work well using posixGroups, auth is done properly with the correct user level depending on the group the user is added.
Thanks!