AD/LDAP protocol does not assign roles for AD/LDAP groups

Question

AD/LDAP protocol does not assign roles for AD/LDAP groups

adalinesimonian opened this issue 9 years ago · 2 comments

adalinesimonian commented 9 years ago

Steps to replicate:

Create/obtain a user in AD/LDAP.
Make that user a member of a group.
Define a role in Anvil Connect named after the group DN, with LDAP path names upper-cased and no excess whitespace (e.g. CN=Administrators,OU=Security Groups,DC=example,DC=com)
Authenticate as that user.

Expected behaviour:

Roles are assigned to the user based on their AD/LDAP groups.

Actual behaviour:

No roles are assigned to the user.

Answer 1 · 2015-10-26T06:38:29.000Z

Strongly recommend a release is issued after this issue is fixed, as this issue breaks integration with a moderately significant authentication source.

Answer 2 · 2015-11-27T20:02:08.000Z

Glad to merge this and release but we need to do a code review first please.