LDAP user search 10.0.9 with custom attribute

ocuser_mueller · December 12, 2018, 10:27pm

We created a custom LDAP user query to match person and a certain ou:

(&(objectClass=person)(ou=ownclouduser))

and “Verify settings and count users” correctly, e.g. 3 test users with the attribute set. But other LDAP persons can also log in - even if they do not have the ou=ownclouduser attribute set. Do we misunderstand the user query? Or do we have to add this to the Login LDAP query?

Best regards,
Heiner

dmitry · December 13, 2018, 11:44am

Yes. The login filter determines who can log in.

ocuser_mueller · December 13, 2018, 1:17pm

works! the filter is now in

LDAP Login Atrributes
Edit LDAP Query:
(&(|(objectclass=person))(|(ou=ownclouduser))(|(uid=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))))

The ‘|’ in “(|(ou=” seems a bit redundant, but i got this syntax from the suggestion.

Thanks,
Heiner

dmitry · December 13, 2018, 2:13pm

Great to hear that