mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
07523219d1
The userAttr needs to be the full DN, otherwise the search does not work: ``` ❯ ldapsearch -x -H ldap://localhost:3890 -D "cn=admin,ou=people,dc=example,dc=com" -b "ou=groups,dc=example,dc=com" -W "member=bob" Enter LDAP Password: # extended LDIF # # LDAPv3 # base <ou=groups,dc=example,dc=com> with scope subtree # filter: member=bob # requesting: ALL # # search result search: 2 result: 53 Server is unwilling to perform text: Unsupported group filter: while parsing a user ID: Missing DN value # numResponses: 1 ```
33 lines
1.0 KiB
YAML
33 lines
1.0 KiB
YAML
# lldap configuration:
|
|
# LLDAP_LDAP_BASE_DN: dc=example,dc=com
|
|
|
|
# ##############################
|
|
# rest of the Dex options
|
|
# ##############################
|
|
|
|
connectors:
|
|
- type: ldap
|
|
id: ldap
|
|
name: LDAP
|
|
config:
|
|
host: lldap-host # make sure it does not start with `ldap://`
|
|
port: 3890 # or 6360 if you have ldaps enabled
|
|
insecureNoSSL: true # or false if you have ldaps enabled
|
|
insecureSkipVerify: true # or false if you have ldaps enabled
|
|
bindDN: uid=admin,ou=people,dc=example,dc=com # replace admin with your admin user
|
|
bindPW: very-secure-password # replace with your admin password
|
|
userSearch:
|
|
baseDN: ou=people,dc=example,dc=com
|
|
username: uid
|
|
idAttr: uid
|
|
emailAttr: mail
|
|
nameAttr: displayName
|
|
preferredUsernameAttr: uid
|
|
groupSearch:
|
|
baseDN: ou=groups,dc=example,dc=com
|
|
filter: "(objectClass=groupOfUniqueNames)"
|
|
userMatchers:
|
|
- userAttr: DN
|
|
groupAttr: member
|
|
nameAttr: cn
|