Split User and Group filter
This commit is contained in:
Sven Feyerabend
@@ -135,15 +135,14 @@ services:
|
||||
|
||||
LDAP_SERVER: ldaps://LDAPSERVER:636
|
||||
LDAP_BASE: ou=people,dc=DOMAIN,dc=TLD
|
||||
LDAP_BINDDN: ou=someunit,ou=people,dc=DOMAIN,dc=TLS
|
||||
|
||||
# By default tries to bind directly with the ldap user - this user has to be in the LDAP GROUP
|
||||
# LDAP_GROUP_FILTER: '(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)'
|
||||
LDAP_GROUP_FILTER: '(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)'
|
||||
#LDAP_BINDDN: ou=someunit,ou=people,dc=DOMAIN,dc=TLS
|
||||
|
||||
# If user is in ADMIN_GROUP on user creation (first login) isAdmin is set to true.
|
||||
# Admin Users can invite external (non ldap) users. This feature makes only sense
|
||||
# when ALLOW_EMAIL_LOGIN is set to 'true'. Additionally admins can send
|
||||
# # Binds with the LDAP_BIND_USER and searches for users matching this filter:
|
||||
LDAP_USER_FILTER: '(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)(uid=%u)'
|
||||
|
||||
# If user is in ADMIN_GROUP on user creation (first login) isAdmin is set to true.
|
||||
# Admin Users can invite external (non ldap) users. This feature makes only sense
|
||||
# when ALLOW_EMAIL_LOGIN is set to 'true'. Additionally admins can send
|
||||
# system wide messages.
|
||||
LDAP_ADMIN_GROUP_FILTER: '(memberof=cn=ADMINGROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)'
|
||||
ALLOW_EMAIL_LOGIN: 'true'
|
||||
@@ -151,6 +150,7 @@ services:
|
||||
# All users in the LDAP_GROUP_FILTER are loaded from the ldap server into contacts.
|
||||
# This LDAP search happens without bind. If you want this and your LDAP needs a bind you can
|
||||
# adapt this in the function getLdapContacts() in ContactsController.js (lines 82 - 107)
|
||||
LDAP_GROUP_FILTER: '(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)'
|
||||
LDAP_CONTACTS: 'false'
|
||||
|
||||
# Same property, unfortunately with different names in
|
||||
|
||||
Reference in New Issue
Block a user