It would be useful to have the possibility of applying ldap filters syntax with the
FILTER =
in ccnet.conf.
For example,
FILTER = (|(ou=tech)(ou=adm))
considering that this feature is already used to transate FILTER and LOGIN_ATTR into an LDAP filter.
From https://manual.seafile.com/deploy/using_ldap.html
For example, add the following line to LDAP config:
FILTER = memberOf=CN=group,CN=developers,DC=example,DC=com
The final search filter would be (&(mail=*)(memberOf=CN=group,CN=developers,DC=example,DC=com))
Thank you!
Hi,
Sorry but I don’t quite understand your proposal. There is already a FILTER option for LDAP settings. What do you mean by an additional FILTER?
Hi,
in Seafile LDAP integration, there is: “The final filter used for searching for users is (&($LOGIN_ATTR=*)($FILTER)). $LOGIN_ATTR and $FILTER will be replaced by your option values.”
I tried to put in FILTER a generic LDAP filter expression, but, probably due to the configuration file parser, it is not evaluated.
Hmm, I think the filter should work. Could you set env variable ‘export CCNET_DEBUG=all’ before running seafile server? That would make more log message available in ccnet.log, including the filter used, irrc.
1 Like
Dear Jonathan,
You are right: FILTER variable works as expected.
There was a “logic” error in my first FILTER declaration, with respect to the & used to obtain the final filter.
Sorry for my previous posts about that.
Leo