[ome-users] LDAP Config for PosixGroups

Josh Moore josh at glencoesoftware.com
Thu Jan 31 15:16:18 GMT 2019


Andreas,

On Thu, Jan 31, 2019 at 4:10 PM Andreas Mueller
<Andreas.Mueller at biologie.uni-osnabrueck.de> wrote:
...snip...
>
>   And - HURRAR - I can log in !!!

Progress!


>   But: with the wrong firstName, the wrong lastName and everyone can
>   login to the system .. I've no restrictions.
>  ____
>
>   I think omero has to login to the ldap-system with the dn of the user
>   and read *then* the private (hidden) attributes, because only the user
>   can read the own attributes.
>
>    > Can you fix that ????

I don't think so, at least not without re-writing the LDAP plugin. I
would ask your IT for a service account that can bind and see the
properties that you are looking for.


>   Next step:  how can I restrict the access ?

Can you explain? What access are you looking to restrict?

~Josh


More information about the ome-users mailing list