LDAP groups via memberOf


Rick Warren

Jul 24, 2017, 11:22:37 PM
to SimpleSAMLphp
I am trying to pass LDAP group information through as SAML attributes.

# base <dc=example,dc=org> with scope subtree
# filter: (uid=someuser)
# requesting: memberof 
#

# someuser, people, 15-IT, ABC, example.org
dn: uid=someuser,ou=people,ou=15-IT,ou=ABC,dc=example,dc=org
memberOf: cn=app-vault,ou=groups,ou=Access,dc=example,dc=org
memberOf: cn=15-it,ou=groups,ou=ABC,dc=example,dc=org
memberOf: cn=it-all,ou=groups,ou=ABC,dc=example,dc=org
memberOf: cn=sd_contractor,ou=groups,ou=ABC,dc=example,dc=org
memberOf: cn=app-git,ou=groups,ou=Access,dc=example,dc=org



But I cannot seem to get the memberOf attribute to pass through as a SAML attribute. Can someone please assist me with the correct proc filter to use?

Tim van Dijen

Jul 25, 2017, 3:28:49 AM
to SimpleSAMLphp
Hello Rick,

You need to add 'memberof' to your ldap-authsource attributes array.

- Tim

On Tuesday, July 25, 2017 at 05:22:37 UTC+2, Rick Warren wrote:
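
The change Tim describes, sketched as an added example that is not part of the original thread. It assumes the `ldap:LDAP` authsource option names from the SimpleSAMLphp 1.x documentation of that period; the source name `example-ldap` and the hostname are placeholders, and the base DN is taken from the search output above.

```php
<?php
// config/authsources.php (added example; source name and hostname are placeholders)
$config = array(
    'example-ldap' => array(
        'ldap:LDAP',

        // Placeholder server; keep the bind and search traffic encrypted.
        'hostname' => 'ldap.example.org',
        'enable_tls' => true,

        // Users sit in different OUs (ou=people,ou=15-IT,ou=ABC,...), so
        // locate the entry by searching instead of using a fixed dnpattern.
        'search.enable' => true,
        'search.base' => 'dc=example,dc=org',
        'search.attributes' => array('uid'),
        // Anonymous search is assumed here; set a service account if the
        // directory requires one.
        'search.username' => null,
        'search.password' => null,

        // Attributes fetched from the user's entry after login. Only the
        // names listed here are requested, so memberOf has to be named
        // explicitly. LDAP attribute names are case-insensitive in a search
        // request, so 'memberof' and 'memberOf' ask for the same attribute.
        'attributes' => array('uid', 'memberOf'),
    ),
);
```

With this in place every group DN on the entry is passed on as a value of the memberOf attribute unless a later authproc filter narrows it.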

Rick Warren

Jul 25, 2017, 11:55:54 AM
to SimpleSAMLphp
That worked! Thanks so much!