View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0022930 | mantisbt | authentication | public | 2017-05-26 08:54 | 2017-06-20 17:11 |
Reporter | mxit | Assigned To | dregad | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | no change required | ||
Product Version | 2.4.1 | ||||
Summary | 0022930: LDAP auth with check vor AD Group membership only works for Mantis-native existing users | ||||
Description | Hello, we use Mantis since quite a long time. But until now we use baisc authentication mantis-native, now we plan to switch to LDAP (Windows AD) authentication. We managed to configure it so far, but we have a strange issue. We do have the following configuration: $g_login_method = LDAP; So, basically we filter on objectClass user and check for membership in a specific group. But this group membership only works with "old", previously already in mantis-only created users. With new users, which are automatically created in Mantis due to the fact that they login first time authenticating against AD, this filter does not work. | ||||
Tags | No tags attached. | ||||
Hello mxit, I guess your user has not enougth permissions to ask for the Group Membership in Active Directory. The search request will find all objects which match to your filter, but if the g_ldap_bind_dn is not allowed to read all attributes it's automatically a 'no match' Best regards |
|
When using LDAP, users are auto-created[1] if authentication is successful; try setting |
|
mxit, You did not provide any feedback; I am therefore resolving this issue as "no change required". Feel free to reopen the issue at a later time and provide the requested information. |
|