[ome-users] ldap new_user_group not working with :dn_attribute:

Tjelvar Olsson (JIC) Tjelvar.Olsson at jic.ac.uk
Fri Apr 8 12:50:03 BST 2016


Dear all,

I’m trying to configure OMERO to assign users to specific groups from an LDAP server.

I have gotten to the stage where I can get it to assign the full domain name as the default group the first time a user logs in to OMERO, e.g.

cn=awesome,ou=groups,dc=scicomp,dc=jic,dc=ac,dc=uk

Now I am trying, and failing, to get OMERO to use the common name (cn) of the LDAP group as the OMERO group name, e.g. awesome.

However, when I use :dn_attribute:memberOf instead of :attribute:memberOf as the value of the “new_user_group”, the (web) login hangs (on first login) and eventually returns with an “Internal Server Error” page.

Has anyone managed to configure an OMERO server to talk to LDAP using the :dn_attribute:?

Below is the configuration used in the failing case.

$ ./bin/omero config get
omero.db.name=omero
omero.db.pass=secret
omero.db.user=omero_db_user
omero.ldap.base=ou=people,dc=scicomp,dc=jic,dc=ac,dc=uk
omero.ldap.config=true
omero.ldap.group_mapping=name=cn
omero.ldap.new_user_group=:dn_attribute:memberOf
omero.ldap.urls=ldap://192.168.99.100:389
omero.ldap.user_filter=(objectClass=inetOrgPerson)
omero.ldap.user_mapping=omeName=uid,firstName=givenName,lastName=sn,email=mail
omero.web.application_server=wsgi

Kind regards,

Tjelvar

