1. Home
  2. Categories
  3. Support
  4. Open LDAP and group based permissions

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

Open LDAP and group based permissions

  • S

    We are evaluating ProGet and have some trouble with the ProGet Open LDAP configuration.

    It recognizes users and groups but not user and group relation. Therefore, mapping LDAP groups to permissions does not grant those permissions. It seems ProGet does not look for users in groups but for groups with users. This is the opposite from how our LDAP ID provider operates.
    Would you be able to help with troubleshooting this? We are currently and LDAP integrations would be essential.

    Thank you in advance and best regards,
    Sirko

    0
  • Dan_Woolf
    inedo-engineer

    Hi @sirko_6724,

    Which OpenLDAP-based server are you currently using? We have seen that most OpenLDAP-based servers tend to use different attributes based on their configuration. By default we use the values suggested by OpenLdap, but you may need to modify them to suite your setup. With that said, ProGet looks up both ways; get groups from the user and get users for the group. In most operations, ProGet will first find the user, then load their groups, and then check if the user or user's groups for permissions.

    Typically the starting point is verify the LDAP attributes and queries are correct for your OpenLDAP based server. Can you also share what you have configured for your LDAP attributes and LDAP queries?

    Thanks,
    Dan

    0
ldap 47
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation