LDAP Group Member Format - Help required

Description

Hi guys,
I’m trying to set up the LDAP group support for our Rocket.Chat server. LDAP user access is already working.
Currently I’m stuck at the LDAP Group Member Format setting as it should look like the following:

cn={givenName} {sn},ou=Users,ou=Accounts,dc=domain,dc=com

I have no idea how to get the data from the user account into this string. If I hard code a single user into the string it is working for the single user.
I already tried to use #{givenName} as well without any luck.

Server Setup Information

  • Version of Rocket.Chat Server: 1.1.0 RC2
  • Operating System: CentOS 7
  • Deployment Method: tar
  • Number of Running Instances: 3
  • DB Replicaset Oplog: true
  • NodeJS Version: 8.11.4
  • MongoDB Version: 4.0.9
  • Proxy: nginx
  • Firewalls involved: yes

Hi all,

please note that I guess the format is quite correct as I can see that this is giving me the user name into the LDAP search query.
cn=#{username},ou=Users,ou=Accounts,dc=Domain,dc=com

The problem is that I need to push either the CN or the givenName+SN into the search.
Best regards
Timmi

Hi guys,

so I was checking the source code a bit and found out that two values are allowed:
#{username}
#{userdn}

So the userdn is exactly what I needed.

I recommend updating the documentation (https://rocket.chat/docs/administrator-guides/authentication/ldap/) and maybe even the hints from the admin page.
For sure the admin guide information is really outdated.

Best regards
Timmi

1 Like
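
The placeholder behaviour worked out in this thread, as an added example that is not part of the original posts and is not Rocket.Chat's own code: an expander that knows only #{username} and #{userdn}, leaves every other token in place, and escapes substituted values per RFC 4515 before they reach the search filter. The helper names, the member attribute and the sample user are assumptions.

```javascript
// Added example; function names are hypothetical, not Rocket.Chat's code.

// RFC 4515 escaping for a value placed inside an LDAP search filter:
// backslash, asterisk, parentheses and NUL become \XX hex escapes.
function escapeFilterValue(value) {
  return String(value).replace(/[\\*()\0]/g, (ch) =>
    '\\' + ch.charCodeAt(0).toString(16).padStart(2, '0'));
}

// The two placeholders named in the thread; anything else is left untouched.
const PLACEHOLDERS = ['username', 'userdn'];

function expandMemberFormat(format, user) {
  return format.replace(/#\{(\w+)\}/g, (match, name) =>
    PLACEHOLDERS.includes(name) && user[name] !== undefined
      ? escapeFilterValue(user[name])
      : match);
}

// Assumed filter shape: (<memberAttribute>=<expanded member format>)
function buildMemberFilter(memberAttribute, format, user) {
  return `(${memberAttribute}=${expandMemberFormat(format, user)})`;
}

// Constructed sample user, using the directory layout from the question.
const user = {
  username: 'jdoe',
  userdn: 'cn=John Doe,ou=Users,ou=Accounts,dc=domain,dc=com',
};

const formats = [
  'cn={givenName} {sn},ou=Users,ou=Accounts,dc=domain,dc=com', // stays literal
  'cn=#{givenName} #{sn},ou=Users,ou=Accounts,dc=domain,dc=com', // unknown names
  'cn=#{username},ou=Users,ou=Accounts,dc=domain,dc=com', // login name as CN
  '#{userdn}', // full DN of the user
];
for (const f of formats) {
  console.log(buildMemberFilter('member', f, user));
}
```

Only the last format yields a filter that matches a group whose member values are full user DNs; the first two reach the directory with their tokens unexpanded.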