jannik/grav-plugin-login-ldap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add search bind support, fix group_identifier typo, fix empty gidNumber query

Browse Source 
- Add search_bind_enabled/search_bind_dn/search_bind_password to allow
  using a dedicated LDAP account for user and group searches. This is
  needed when regular LDAP users lack search permissions (common with
  restrictive ACLs on OpenLDAP).
- Support both group_indentifier (original) and group_identifier config
  keys, falling back to 'cn' if neither is set.
- Skip the gidNumber-based primary group query when the attribute is
  empty, avoiding broken LDAP filters on non-posixAccount setups.
This commit is contained in:
Jannik Radix
2026-02-24 22:29:04 +01:00
parent 403350df9b
commit 6155c1fad2
4 changed files with 74 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
login-ldap.yaml
View File

@@ -5,6 +5,9 @@ version: 3
ssl: false
start_tls: false
opt_referrals: false
search_bind_enabled: false
search_bind_dn:
search_bind_password:
user_dn: 'uid=[username],dc=company,dc=com'
search_dn:
group_dn: