Merge pull request #698 from Calpicow/groupsearch_by_dn
Allow getAttr to return DN
This commit is contained in:
Eric Chiang
GitHub
commit
a7db295714
@ -11,7 +11,9 @@ The connector executes two primary queries:
|
|||||||
|
|
||||||
## Configuration
|
## Configuration
|
||||||
|
|
||||||
User entries are expected to have an email attribute (configurable through `emailAttr`), and a display name attribute (configurable through `nameAttr`). The following is an example config file that can be used by the LDAP connector to authenticate a user.
|
User entries are expected to have an email attribute (configurable through `emailAttr`), and a display name attribute (configurable through `nameAttr`). `*Attr` attributes could be set to "DN" in situations where it is needed but not available elsewhere, and if "DN" attribute does not exist in the record.
|
||||||
|
|
||||||
|
The following is an example config file that can be used by the LDAP connector to authenticate a user.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
|
|
||||||
|
|||||||
@ -47,6 +47,9 @@ import (
|
|||||||
// baseDN: cn=groups,dc=example,dc=com
|
// baseDN: cn=groups,dc=example,dc=com
|
||||||
// filter: "(objectClass=group)"
|
// filter: "(objectClass=group)"
|
||||||
// userAttr: uid
|
// userAttr: uid
|
||||||
|
// # Use if full DN is needed and not available as any other attribute
|
||||||
|
// # Will only work if "DN" attribute does not exist in the record
|
||||||
|
// # userAttr: DN
|
||||||
// groupAttr: member
|
// groupAttr: member
|
||||||
// nameAttr: name
|
// nameAttr: name
|
||||||
//
|
//
|
||||||
@ -285,6 +288,9 @@ func getAttr(e ldap.Entry, name string) string {
|
|||||||
}
|
}
|
||||||
return a.Values[0]
|
return a.Values[0]
|
||||||
}
|
}
|
||||||
|
if name == "DN" {
|
||||||
|
return e.DN
|
||||||
|
}
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user