gitea: [LDAP] Can't map LDAP groups to Gitea Orgs/Teams
Description
Trying to join Gitea into FreeIPA’s LDAP.
Users work fine, but then I need to map the LDAP user groups to Gitea teams in order to manage access in a more centralized way.
The settings are as follows:

Group Search Base DN: cn=groups,cn=accounts,dc=autogramma,dc=lan
Group Attribute Containing List Of Users: member
User Attribute Listed In Group: uid
Map LDAP groups to Organization teams: {"cn=developers,cn=groups,cn=accounts,dc=autogramma,dc=lan":{"Autogramma":["Developers"]},"cn=engineers,cn=groups,cn=accounts,dc=autogramma,dc=lan":{"Autogramma":["Engineers"]}}
Organization is present:

Teams as well:

Updating external user information, though, is not joining anyone to any Teams.
What am I doing wrong?
Gitea Version
1.17.2
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
No response
How are you running Gitea?
Gitea binary build
Database
PostgreSQL
About this issue
- State: closed
- Created 2 years ago
- Comments: 16 (4 by maintainers)
Commits related to this issue
- Improve LDAP group config documentation, fixes #21159 — committed to techknowlogick/gitea by svenseeberg 2 years ago
- Merge remote-tracking branch 'giteaofficial/main' * giteaofficial/main: Add missing translation (#26926) Vendor `jquery.are-you-sure` with strict mode fixes (#26901) Fix the secret regexp patte... — committed to zjjhot/gitea by zjjhot 10 months ago
So, looking through this with ChatGPT, it is telling me the problem is at the start of the search string [(&()…
This empty bracket is the issue and I can’t work out how to get it populated.
I have put `dn` into `User Attribute Listed In Group` instead of `uid`, as suggested by @svenseeberg in private correspondence. This seems to have worked, and now I have the teams populated.
I think this needs a better explanation in the documentation and settings UI.
Thanks, @svenseeberg, I really appreciate your help!
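
Added example, not part of the original thread and not Gitea's own code: a simplified model of the membership comparison behind the three group settings above, showing why `uid` matches no group when the directory stores full user DNs in `member`, while `dn` does. The user and group entries are constructed sample data, and the `cn=users,cn=accounts` user container is an assumption about the FreeIPA layout.

```python
import json

# Mapping copied from the issue's "Map LDAP groups to Organization teams" setting.
GROUP_TEAM_MAP = json.loads(
    '{"cn=developers,cn=groups,cn=accounts,dc=autogramma,dc=lan":{"Autogramma":["Developers"]},'
    '"cn=engineers,cn=groups,cn=accounts,dc=autogramma,dc=lan":{"Autogramma":["Engineers"]}}'
)

# Constructed sample data: a FreeIPA-style user and two groups. The `member`
# attribute holds full user DNs here, not bare uids.
USER = {
    "dn": "uid=alice,cn=users,cn=accounts,dc=autogramma,dc=lan",
    "uid": "alice",
}
GROUPS = {
    "cn=developers,cn=groups,cn=accounts,dc=autogramma,dc=lan": {
        "member": ["uid=alice,cn=users,cn=accounts,dc=autogramma,dc=lan"],
    },
    "cn=engineers,cn=groups,cn=accounts,dc=autogramma,dc=lan": {
        "member": ["uid=bob,cn=users,cn=accounts,dc=autogramma,dc=lan"],
    },
}


def norm(value):
    """Simplified DN comparison key: case-insensitive, no spaces around commas."""
    return ",".join(part.strip().lower() for part in value.split(","))


def teams_for(user, groups, group_member_attr, user_attr, mapping):
    """Return {org: [teams]} for groups whose member attribute holds the user's value."""
    needle = norm(user[user_attr])
    mapping = {norm(dn): orgs for dn, orgs in mapping.items()}
    result = {}
    for group_dn, attrs in groups.items():
        members = {norm(m) for m in attrs.get(group_member_attr, [])}
        if needle not in members:
            continue  # models a (member=<value>) filter that does not match
        for org, teams in mapping.get(norm(group_dn), {}).items():
            result.setdefault(org, []).extend(teams)
    return result


if __name__ == "__main__":
    for attr in ("uid", "dn"):
        print(attr, "->", teams_for(USER, GROUPS, "member", attr, GROUP_TEAM_MAP))
```

With a `posixGroup`-style directory that lists bare uids in `memberUid`, the same comparison succeeds with `uid`, which is why the right value depends on what the group attribute actually contains.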