Uploaded image for project: 'OpenOLAT'
  1. OpenOLAT
  2. OO-862

Support custom filter for LDAP context search

    XMLWordPrintable

    Details

      Description

      So far the only filter that could be used in the LDAP configuration was the configuration of the ldap.ldapUserObjectClass. Sometimes it is necessary to create more complex filters, e.g. to check for group memberships.

      The new configuration is backwards compatible for the ldap.ldapUserObjectClass configuration but enables admins to change the filter to whatever they want.

      A simple configuration in olat.local.properties would look like this:

      ldap.ldapUserObjectClass=person
      ldap.ldapUserFilter=(objectClass=${ldap.ldapUserObjectClass})
      

      A more complex like this:

      ldap.ldapUserObjectClass=person
      ldap.ldapUserFilter=(&(objectClass=${ldap.ldapUserObjectClass})(memberOf=CN=OpenOLATAccess,OU=Students,DC=openolat,DC=org))
      

        Attachments

          Activity

            People

            Assignee:
            gnaegi Florian Gnägi
            Reporter:
            gnaegi Florian Gnägi
            Tester:
            Matthai Kurian
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 4 hours
                4h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours Time Not Required
                3h