From 118ed9d58b5f9e1dd0c9a88fc8affbdf4cb7e145 Mon Sep 17 00:00:00 2001
From: Thorsten Eckel
Date: Thu, 1 Jun 2017 11:43:19 +0200
Subject: [PATCH] Fixed issue #1155 - Group and User filter detection for freeIPA LDAP fails.
---
 lib/ldap.rb | 1 +
 lib/ldap/group.rb | 2 +-
 lib/ldap/user.rb | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/lib/ldap.rb b/lib/ldap.rb
index ac07fdb4d..4bd2a06ab 100644
--- a/lib/ldap.rb
+++ b/lib/ldap.rb
@@ -137,6 +137,7 @@ class Ldap
 result = ldap.get_operation_result
 raise Exceptions::UnprocessableEntity, "Can't bind to '#{@host}', #{result.code}, #{result.message}"
 rescue => e
+ Rails.logger.error e
 raise Exceptions::UnprocessableEntity, "Can't connect to '#{@host}' on port '#{@port}', #{e}"
 end

diff --git a/lib/ldap/group.rb b/lib/ldap/group.rb
index 0e63a8dc2..bec592c70 100644
--- a/lib/ldap/group.rb
+++ b/lib/ldap/group.rb
@@ -112,7 +112,7 @@ class Ldap
 #
 # @return [String, nil] The active or found filter or nil if none could be found.
 def filter
- @filter ||= lookup_filter(['(objectClass=group)'])
+ @filter ||= lookup_filter(['(objectClass=group)', '(objectClass=posixgroup)'])
 end

 # The active uid attribute of the instance. If none give on initialization an automatic lookup is performed.
diff --git a/lib/ldap/user.rb b/lib/ldap/user.rb
index 9cb25bdbd..ca000dbfc 100644
--- a/lib/ldap/user.rb
+++ b/lib/ldap/user.rb
@@ -162,7 +162,7 @@ class Ldap
 #
 # @return [String, nil] The active or found filter or nil if none could be found.
 def filter
- @filter ||= lookup_filter(['(&(objectClass=user)(samaccountname=*)(!(samaccountname=*$)))', '(objectClass=user)'])
+ @filter ||= lookup_filter(['(&(objectClass=user)(samaccountname=*)(!(samaccountname=*$)))', '(objectClass=user)', '(objectClass=posixaccount)'])
 end

 # The active uid attribute of the instance. If none give on initialization an automatic lookup is performed.
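Review bot: The added `Rails.logger.error e` sits in a bare `rescue => e` that also catches the "Can't bind to" `Exceptions::UnprocessableEntity` raised two lines above it (assuming that class descends from StandardError), so a rejected bind is logged and then re-raised as "Can't connect to … on port …". Authentication failures and network failures therefore look the same in the log and in the API error, which makes failed-bind monitoring harder. Re-raise the bind error untouched ahead of the generic handler with `rescue Exceptions::UnprocessableEntity` followed by `raise`, and give the log line context, e.g. `Rails.logger.error "LDAP connection to '#{@host}' port '#{@port}' failed: #{e.class}: #{e.message}"`. The enclosing method begins before the hunk, so the start of the protected block is not visible here.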
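Review bot: The doc comment above `filter` in lib/ldap/group.rb still does not say which candidates the automatic lookup tries, and the list now mixes an Active Directory class with a POSIX-schema class; `filter` in lib/ldap/user.rb has the same gap. Suggest adding `# Candidates when no filter is set: '(objectClass=group)' (Active Directory), '(objectClass=posixgroup)' (POSIX schema, e.g. freeIPA).` to the comment. Which candidate wins when more than one matches depends on `lookup_filter`, which is outside the hunk; if the result is order-dependent, the comment should say so. Groups that carry neither class are not detected, so any group-based role mapping would silently find nothing for them, and the comment could point operators to setting the filter explicitly in that case.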
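Review bot: The new fallback `'(objectClass=posixaccount)'` in lib/ldap/user.rb is considerably broader than the first candidate, which explicitly excludes names ending in `$`. On a POSIX-schema directory it may also match service or application entries that carry POSIX attributes, and those would then be candidates for import as users; how the detected filter is consumed is outside the hunk, so this is inferred. Consider trying a narrower candidate first, e.g. `'(&(objectClass=posixaccount)(objectClass=person))'`, and keeping the bare class only as the last resort. The doc comment should also note that an explicitly configured filter takes precedence, as the `@filter ||=` implies.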