Hi,

I am having 2 issues with Archiva 2.1.0 Standalone and LDAP authentication.


1.
After adding <filter> in the Archiva.xml, the property 
ldap.config.mapper.attribute.user.filter will show up in the Redback Runtime 
Configuration.
I can then add an LDAP filter to the properties -> save -> Web Interface will 
show "LDAP Role-Group mapping updated" and the filter works!

The Archiva.xml is modified by the Web Interface, adding a <filter> tag for 
every comma-separated part.

<filter>memberOf=CN=archiva_user</filter>
<filter>OU=Archiva</filter>
<filter>OU=Applikation</filter>
<filter>OU=Groups</filter>
<filter>DC=domain</filter>
<filter>DC=com</filter>

On Restart of the Service, the Configuration XML is modified and only 1 
<filter> tag remains.

<filter>memberOf=CN=archiva_user</filter>

Users are no longer seen and unable to login.


2.
Group-Role Mapping fails in Active Directory with comma separated Objects.

Users in AD created with a comma -> "Smith, John" are not mapped to their Roles 
in Redback.

AD will create a Backslash in front of the comma for the Object Name, but not 
in the cn attribute.

Object name in ldap is "Smith\, John"
distinguishedName "cn=Smith\, John,ou=department,dc=domain,dc=com"

The cn attribute inside the object is "Smith, John"
The member attribute in a group will show the distinguishedName

When the comma is removed from the object name, mapping immediately works.
(AD will not show the backslash, Softerra LDAP Browser was used to see them)



Best regards
Oliver Polte | Systems Engineering

IVI Informationsverarbeitungs GmbH
Itzehoer Platz, 25524 Itzehoe
Phone: +49 4821 8040-428
E-Mail: [email protected]
Internet: http://www.ivi.de/


_____________________________________________________________________
IVI Informationsverarbeitungs GmbH
Itzehoer Platz, 25524 Itzehoe
Managing Directors: Uwe Müller, Stefan Schwalbach
Registered office: Itzehoe, Register court: Amtsgericht Pinneberg
HRB 2073 IZ, VAT ID No. DE 134 777 598
_____________________________________________________________________
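
Both issues in the message above involve commas inside LDAP distinguished names. The following Python code is an added example, not part of the original message and not Archiva or Redback code: it contrasts a plain split on commas with a parse that honours the RFC 4514 escapes `\,` and `\2C`, using the DN from the message and a filter string reassembled from the quoted `<filter>` fragments. The function names are hypothetical.

```python
# Added example: comma handling in LDAP DNs (RFC 4514). Function names are hypothetical.
HEX = b"0123456789abcdefABCDEF"

def split_rdns(dn):
    """Split a DN on unescaped commas only; a backslash escape pair stays together."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" and i + 1 < len(dn) else 1
        if step == 1 and dn[i] == ",":
            rdns.append(cur.lstrip())
            cur = ""
        else:
            cur += dn[i:i + step]
        i += step
    rdns.append(cur.lstrip())
    return rdns

def unescape(value):
    """Decode single-character escapes (backslash + comma) and hex pairs (backslash + 2C)."""
    raw, out, i = value.encode("utf-8"), bytearray(), 0
    while i < len(raw):
        pair = raw[i + 1:i + 3]
        if raw[i] == 0x5C and len(pair) == 2 and all(c in HEX for c in pair):
            out.append(int(pair, 16))      # hex form, e.g. backslash 2C -> ","
            i += 3
        elif raw[i] == 0x5C:
            out += raw[i + 1:i + 2]        # single escaped character
            i += 2
        else:
            out.append(raw[i])
            i += 1
    return out.decode("utf-8")

def parse_dn(dn):
    """Return [(attribute, value), ...] with lower-cased attribute names."""
    pairs = []
    for rdn in split_rdns(dn):
        attr, _, value = rdn.partition("=")
        pairs.append((attr.strip().lower(), unescape(value)))
    return pairs

# DN quoted in the message; filter reassembled from the quoted <filter> fragments.
MEMBER_DN = r"cn=Smith\, John,ou=department,dc=domain,dc=com"
USER_FILTER = "memberOf=CN=archiva_user,OU=Archiva,OU=Applikation,OU=Groups,DC=domain,DC=com"

if __name__ == "__main__":
    print(MEMBER_DN.split(","))    # plain split: 5 pieces, the first ends in a backslash
    print(parse_dn(MEMBER_DN))     # escape-aware: 4 RDNs, cn value "Smith, John"
    print(USER_FILTER.split(","))  # the six fragments seen as separate <filter> tags
```

Comparing `parse_dn()` results rather than raw strings makes the group's `member` value line up with the entry's `cn` attribute regardless of which escape form the directory returns.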
