Hello,
I’m setting up an Openfire server, and I can’t get the group mapping to work with our openldap.
I somebody would be so kind to help me, here’s a example of the structure :
dc=xxx,dc=fr
– cn=system
— gidNumber=5001
— description=what does IT mean ?
— memberUid=it1
— memberUid=it2
-ou=people
– cn it1
– gidNumber=100 (default user group)
– uid=it1
– uidNumber=456
– cn it2
– gidNumber=100 (default user group)
– uid=it2
– uidNumber=457
I’ve tried numerous things, it keeps slipping through my fingers
Cheers,
Pierre
base DN: dc=xxx,dc=fr
The user part looks weird, I assume it looks like this instead:
-ou=people
– uid=it1
— cn it1
— gidNumber=100 (default user group)
— uidNumber=456
– uid=it2
— cn it2
— gidNumber=100 (default user group)
— uidNumber=457
User filter would then simply be:
(uid={0},ou=people,dc=xxx,dc=fr)
meaning the username ({0}) is the uid of each user.
Group mapping entries:
Group field: cn
Member field: memberUid
Description field: description
Group filter: (entrydn=cn=*,ou=groups,dc=xxx,dc=fr)
or maybe even: (dn=cn=*,ou=groups,dc=xxx,dc=fr)
Your values for group membership also look a bit suspicious: they only contain the uid part; this might be specific to openldap (I am used to 389ds).
You might have to enable posix mode, but there shouldn’t be a lot of suprises otherwise.