LDAP Search Users function not working when using CAS


When using the CAS (only) to login, the LDAP Search Users function, for login restriction, does not work.
My LDAP filter: (&(uid=*)(|(o=ENT1)(o=ENT2)))
Scope: sub
Search Field: uid
This filter works perfectly when connecting via LDAP, but doesn’t work when we use CAS.

Server Setup Information

  • Version of Rocket.Chat Server: 3.15.0
  • Operating System: Ubuntu 20.04
  • Deployment Method: tar
  • Number of Running Instances: 3
  • DB Replicaset Oplog: default?
  • NodeJS Version: 12.18.4
  • MongoDB Version: 4.0
  • Proxy: haproxy
  • Firewalls involved: no

Any additional Information

We can see the LDAP request, which works:

Jun 17 09:30:38 ldap1 slapd[543]: conn=11785458 op=1 SRCH base="ou=people,dc=domain,dc=com" scope=2 deref=0 filter="(&(&(uid=*)(|(o=ent1)(o=ent2)))(uid=my_user))"
Jun 17 09:30:38 ldap1 slapd[543]: conn=11785458 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=

So, “nentries=0”, my user should not be able to log in, but with the CAS, he can…

Thanks in advance!

I’m not sure LDAP filtering works on CAS?

Not mentioned here.

I’ll try and ask.

Hi John,
Thanks!

Think someone will be giving you a comprehensive reply in due course. Just hang on!

