Description
When using the CAS (only) to login, the LDAP Search Users function, for login restriction, does not work.
My LDAP filter: (&(uid=*)(|(o=ENT1)(o=ENT2)))
Scope: sub
Search Field: uid
This filter works perfectly when connecting via LDAP, but doesn’t work when we use CAS.
Server Setup Information
- Version of Rocket.Chat Server: 3.15.0
- Operating System: Ubuntu 20.04
- Deployment Method:tar
- Number of Running Instances: 3
- DB Replicaset Oplog: default?
- NodeJS Version: 12.18.4
- MongoDB Version: 4.0
- Proxy: haproxy
- Firewalls involved: no
Any additional Information
We can see the LDAP request, which work:
Jun 17 09:30:38 ldap1 slapd[543]: conn=11785458 op=1 SRCH base="ou=people,dc=domain,dc=com" scope=2 deref=0 filter="(&(&(uid=*)(|(o=ent1)(o=ent2)))(uid=my_user))"
Jun 17 09:30:38 ldap1 slapd[543]: conn=11785458 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
So, “nentries=0”, my user should not be able to log in, but with the CAS, he can…
Thanks in advance !