[Solved] LDAP users defaults

Mission accomplished!
User avatar
troycarpenter
Posts: 138
Joined: 03 Dec 2013, 19:16
Has thanked: 28 times
Been thanked: 50 times

[Solved] LDAP users defaults

Unread post by troycarpenter »

Great job getting this out. Trying it out now.

First question...Is there any way to set the default user settings for LDAP users?

I have found that when my users log in for the first time using their LDAP credentials, their settings are like this:

Group: ALL
Allowed to change settings and passwords
Allowed to play files

I can easily change the ALL group to have more limited access, but I want the users to be able to use search functions and have some of the other options checked by default. I don't want to have to log in and change the settings and options for every domain user. I would have expected the default user settings to be used when creating a user, even from LDAP.

Thanks!
User avatar
Madsonic
Administrator
Administrator
Posts: 984
Joined: 07 Dec 2012, 03:58
Answers: 7
Has thanked: 1201 times
Been thanked: 470 times

Re: LDAP users defaults

Unread post by Madsonic »

i could link LDAP user default to the limited default group on create

this would be better as to the group all
These users thanked the author Madsonic for the post:
troycarpenter
Rating: 7.69%
User avatar
troycarpenter
Posts: 138
Joined: 03 Dec 2013, 19:16
Has thanked: 28 times
Been thanked: 50 times

Re: LDAP users defaults

Unread post by troycarpenter »

That is exactly what I would want!

Edit: Wait...are you saying you would tie it to the default user profile, or a different user profile? I would like to set up the default profile with the correct options and let all users be created from that, including the ones from LDAP.
Edit2: Ok, so now I read it closer, the only change you would make is that the group would be set to limited, but all the other options would remain the same. I still prefer what I said in the first edit.

Thanks!
User avatar
Madsonic
Administrator
Administrator
Posts: 984
Joined: 07 Dec 2012, 03:58
Answers: 7
Has thanked: 1201 times
Been thanked: 470 times

Re: LDAP users defaults

Unread post by Madsonic »

i understand,

the best solution is if a LDAP user is created, it will be cloned from the default and set the membership to a group named LDAP.
These users thanked the author Madsonic for the post (total 2):
troycarpenterKsmoove
Rating: 15.38%
User avatar
troycarpenter
Posts: 138
Joined: 03 Dec 2013, 19:16
Has thanked: 28 times
Been thanked: 50 times

Re: LDAP users defaults

Unread post by troycarpenter »

Now THAT works for me!
User avatar
troycarpenter
Posts: 138
Joined: 03 Dec 2013, 19:16
Has thanked: 28 times
Been thanked: 50 times

Re: LDAP users defaults

Unread post by troycarpenter »

Just tested with the latest Beta 6.0.7200 load.

The LDAP user is created in Madsonic with the same attributes as the default user with one exception. The group is still ALL, not LDAP and not the group of the default user. I have made the ALL group have the same restrictions as the LIMITED group.
nh5
Posts: 7
Joined: 12 Jan 2013, 18:03
Has thanked: 0
Been thanked: 2 times

Re: LDAP users defaults

Unread post by nh5 »

I haven't had any luck with LDAP on the latest build. Kinda wishing the implementation was closer to Subsonic's as just a proper search string is really all that is required. Can anyone help me convert this following string to what would fit in the madsonic LDAP boxes?

Code: Select all

(&(sAMAccountName={0})(&(objectCategory=user)(memberof=cn=OMCUsers,cn=Users,dc=domain,dc=com)))
OMCUsers being a group. I'm primarily confused about the group searchbase, group filter and group role attribute. What is the purpose if the search filter can technically hold everything?
User avatar
Madsonic
Administrator
Administrator
Posts: 984
Joined: 07 Dec 2012, 03:58
Answers: 7
Has thanked: 1201 times
Been thanked: 470 times

Re: LDAP users defaults

Unread post by Madsonic »

hi there,

i test it with this settings and the LDAP query worked as expected, maybe only a misspelled config?

Code: Select all

LDAP URL: ldap://localhost:389/dc=madsonic,dc=org
LDAP search filter: (&(sAMAccountName={0})(objectCategory=user)(memberof=cn=madsonic,ou=groups,ou=organisation,dc=madsonic,dc=org))
LDAP group searchBase: ou=groups,ou=organisation
LDAP group filter: (member={0})
LDAP group role attribute: ou
LDAP manager DN : cn=manager,ou=users,ou=organisation,dc=madsonic,dc=org
Password: password
best regards
User avatar
troycarpenter
Posts: 138
Joined: 03 Dec 2013, 19:16
Has thanked: 28 times
Been thanked: 50 times

Re: LDAP users defaults

Unread post by troycarpenter »

LDAP seems to be working EXCEPT for one biggie.

I have the default user set to play files (very important). However, when an LDAP user is created, that field is NOT checked, and when I go to edit the default user, that box is unchecked.

I can re-check the box in the default user, and it will stay checked UNTIL the next LDAP user is created, then it is unchecked.

That box needs to remain checked, if it is checked in the default user, and NOT modify the default user when an LDAP user is created.

Also, I had to create the LDAP group. After that, all subsequently created users had the LDAP group upon creation.
These users thanked the author troycarpenter for the post:
Madsonic
Rating: 7.69%
User avatar
Madsonic
Administrator
Administrator
Posts: 984
Joined: 07 Dec 2012, 03:58
Answers: 7
Has thanked: 1201 times
Been thanked: 470 times

Re: LDAP users defaults

Unread post by Madsonic »

hi there,

all problems fixed :D
User avatar
troycarpenter
Posts: 138
Joined: 03 Dec 2013, 19:16
Has thanked: 28 times
Been thanked: 50 times

Re: LDAP users defaults

Unread post by troycarpenter »

It looks like the default user settings still has some other issues.

I have default user settings:

Code: Select all

        User is locked (Disabled)
	User is administrator
X      User is allowed to change settings and password
X      User is allowed to play files
X      User is allowed to use the search functions
	User is allowed to play files in jukebox mode
X      User is allowed to download files
X      User is allowed to upload files
	User is allowed to share files with anyone
	User is allowed to change cover art and tags
	User is allowed to create and edit comments and ratings
	User is allowed to administrate Podcasts
X      User is allowed to use Last.FM Feature 
Creating a new user (non LDAP) give these settings instead:

Code: Select all

	User is locked (Disabled)
	User is administrator
X      User is allowed to change settings and password
X      User is allowed to play files
	User is allowed to use the search functions
	User is allowed to play files in jukebox mode
	User is allowed to download files
	User is allowed to upload files
	User is allowed to share files with anyone
	User is allowed to change cover art and tags
X      User is allowed to create and edit comments and ratings
	User is allowed to administrate Podcasts
	User is allowed to use Last.FM Feature 
Also, with the LDAP user example in my previous post, the User is locked box is usually checked while "User is allowed to play files" is unchecked. The default user is modifed to be the same settings after that.

Actually, I think this is a bug, so I will move it to the bug section.

http://forum.madsonic.org/viewtopic.php?f=63&t=1560
Post Reply