Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Invalid
-
None
-
None
-
None
Description
LDAP authentication with database backend (as proposed here) can't correctly handle situation, when ldap-search-bind-dn is not contained in ldap-user-base-dn.
Eg.:
ldap-user-base-dn: ou=common,ou=users,dc=example,dc=com
ldap-search-bind-dn: uid=guacamole,ou=system,ou=users,dc=example,dc=com
In this situation guacamole user will not show LDAP users in Settings/Users and common user authentication will result it successful authentication followed by Unable to query list of objects from LDAP directory error.
Even with:
ldap-user-base-dn: ou=users,dc=example,dc=com
things are not working correctly for users from ou=common,ou=users,dc=example,dc=com.