hi Colm,
it might work with groupOfUniqueNames but in the current ldap configuration role doesn't map to "uniquemember". i will try changing services/sts/src/main/webapp/WEB-INF/endpoints/ldap.xml to see if that works
<util:map>
...
    <entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"
           value="member" />
...
</util:map>

On 06/10/2017 19:04, Colm O hEigeartaigh wrote:
Hi Matthew,

Are you saying that Fediz would not work with groupOfUniqueNames?

Colm.

On Wed, Oct 4, 2017 at 8:41 AM, Matthew Broadhead <
[email protected]> wrote:

hi,

i have the fediz ldap configuration working with my own ldap server but i
had to change my setup a little bit.

originally the groups structure (eg. cn=user,ou=groups,dc=example,dc=com)
had objectClass of "groupOfUniqueNames" containing "uniquemember" elements.
i had to change it to "groupOfNames" containing "member" elements.

is it possible to use the first structure?  it seems that would offer
better data integrity by preventing duplicate entries?

Regards,
Matthew



