LDAP filters in ccnet.conf

It would be useful to have the possibility of applying ldap filters syntax with the
in ccnet.conf.

For example,
FILTER = (|(ou=tech)(ou=adm))

considering that this feature is already used to transate FILTER and LOGIN_ATTR into an LDAP filter.

From https://manual.seafile.com/deploy/using_ldap.html

For example, add the following line to LDAP config:
FILTER = memberOf=CN=group,CN=developers,DC=example,DC=com
The final search filter would be (&(mail=*)(memberOf=CN=group,CN=developers,DC=example,DC=com))

Thank you!


Sorry but I don’t quite understand your proposal. There is already a FILTER option for LDAP settings. What do you mean by an additional FILTER?


in Seafile LDAP integration, there is: “The final filter used for searching for users is (&($LOGIN_ATTR=*)($FILTER)). $LOGIN_ATTR and $FILTER will be replaced by your option values.”

I tried to put in FILTER a generic LDAP filter expression, but, probably due to the configuration file parser, it is not evaluated.

Hmm, I think the filter should work. Could you set env variable ‘export CCNET_DEBUG=all’ before running seafile server? That would make more log message available in ccnet.log, including the filter used, irrc.

1 Like

Dear Jonathan,

You are right: FILTER variable works as expected.
There was a “logic” error in my first FILTER declaration, with respect to the & used to obtain the final filter.

Sorry for my previous posts about that.