Hi Oliver, Does the workaround in this jira issue address your #1? <https://jira.codehaus.org/browse/MRM-1486> https://jira.codehaus.org/browse/MRM-1486
For #2, what sort of failure and log/error messages are you seeing? Best, Jon Sharp On Tue, Aug 19, 2014 at 3:11 AM, Polte, Oliver <[email protected]> wrote: > Hi, > > > I am having 2 Issues with Archiva 2.1.0 Standalone and LDAP > Authentification. > > > 1. > After adding <filter> in the Archiva.xml, the property > ldap.config.mapper.attribute.user.filter will show up in the Redback > Runtime Configuration > I can then add an ldap filter to the properties -> save -> Web Interface > will show "LDAP Role-Group mapping updated" and the filter works! > > The Archiva.xml is modified by the Web Interface, adding a <filter> tag > for every comma separated Part. > > <filter>memberOf=CN=archiva_user</filter> > <filter>OU=Archiva</filter> > <filter>OU=Applikation</filter> > <filter>OU=Groups</filter> > <filter>DC=domain</filter> > <filter>DC=com</filter> > > On Restart of the Service, the Configuration XML is modified and only 1 > <filter> tag remains. > > <filter>memberOf=CN=archiva_user</filter> > > Users are no longer seen and unable to login. > > > 2. > Group-Role Mapping fails in Active Directory with comma separated Objects. > > Users in AD created with a comma -> "Smith, John" are not mapped to their > Roles in Redback. > > AD will create a Backslash in front of the comma for the Object Name, but > not in the cn attribute. > > Object name in ldap is "Smith\, John" > distinguishedName "cn=Smith\, John,ou=department,dc=domain,dc=com" > > The cn attribute inside the object is "Smith, John" > The member attribute in a group will show the distinguishedName > > When the comma is removed from the object name, mapping immediately works. > (AD will not show the backslash, Softerra LDAP Browser was used to see > them) > > > > Mit besten Grüßen > Oliver Polte | Systemtechnik > > IVI Informationsverarbeitungs GmbH > Itzehoer Platz, 25524 Itzehoe > Telefon: +49 4821 8040-428 > E-Mail: [email protected]<mailto:[email protected]> > Internet: http://www.ivi.de/ > > > _____________________________________________________________________ > IVI Informationsverarbeitungs GmbH > Itzehoer Platz, 25524 Itzehoe > Geschäftsführer: Uwe Müller, Stefan Schwalbach > Sitz: Itzehoe, Registergericht: Amtsgericht Pinneberg > HRB 2073 IZ, USt.-ID-Nr. DE 134 777 598 > _____________________________________________________________________ >
