Commit a7db2957 authored by Eric Chiang's avatar Eric Chiang Committed by GitHub

Merge pull request #698 from Calpicow/groupsearch_by_dn

Allow getAttr to return DN
parents f45a1a93 d4aba443
......@@ -11,7 +11,9 @@ The connector executes two primary queries:
## Configuration
User entries are expected to have an email attribute (configurable through `emailAttr`), and a display name attribute (configurable through `nameAttr`). The following is an example config file that can be used by the LDAP connector to authenticate a user.
User entries are expected to have an email attribute (configurable through `emailAttr`), and a display name attribute (configurable through `nameAttr`). `*Attr` attributes could be set to "DN" in situations where it is needed but not available elsewhere, and if "DN" attribute does not exist in the record.
The following is an example config file that can be used by the LDAP connector to authenticate a user.
```yaml
......
......@@ -47,6 +47,9 @@ import (
// baseDN: cn=groups,dc=example,dc=com
// filter: "(objectClass=group)"
// userAttr: uid
// # Use if full DN is needed and not available as any other attribute
// # Will only work if "DN" attribute does not exist in the record
// # userAttr: DN
// groupAttr: member
// nameAttr: name
//
......@@ -285,6 +288,9 @@ func getAttr(e ldap.Entry, name string) string {
}
return a.Values[0]
}
if name == "DN" {
return e.DN
}
return ""
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment