From efa09d5e1daa3605b80778f918501abd14240a41 Mon Sep 17 00:00:00 2001
From: Toboshii Nakama <63410334+toboshii@users.noreply.github.com>
Date: Wed, 14 Jul 2021 05:59:40 -0500
Subject: [PATCH] providers/ldap: fix: Return user DN with virtual group (#1142)
* fix: incorrect ldap virtual group member DN
Signed-off-by: Toboshii Nakama
* fix: imports
Signed-off-by: Toboshii Nakama
---
 outpost/pkg/ldap/utils.go | 10 +++++-----
 website/docs/outposts/ldap/ldap.md | 2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/outpost/pkg/ldap/utils.go b/outpost/pkg/ldap/utils.go
index a27587f5e..d5271ef7b 100644
--- a/outpost/pkg/ldap/utils.go
+++ b/outpost/pkg/ldap/utils.go
@@ -2,10 +2,10 @@ package ldap
 import (
 "fmt"
- "strings"
 "math/big"
- "strconv"
 "reflect"
+ "strconv"
+ "strings"
 "github.com/nmcclain/ldap"
 log "github.com/sirupsen/logrus"
@@ -94,7 +94,7 @@ func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
 }
 func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup {
- dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.GroupDN)
+ dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN)
 return LDAPGroup{
 dn: dn,
@@ -125,8 +125,8 @@ func (pi *ProviderInstance) GetGidNumber(group api.Group) string {
 }
 func (pi *ProviderInstance) GetRIDForGroup(uid string) int32 {
- var i big.Int
- i.SetString(strings.Replace(uid, "-", "", -1), 16)
+ var i big.Int
+ i.SetString(strings.Replace(uid, "-", "", -1), 16)
 intStr := i.String()
 // Get the last 5 characters/digits of the int-version of the UUID
diff --git a/website/docs/outposts/ldap/ldap.md b/website/docs/outposts/ldap/ldap.md
index 661747d36..d3bf8c138 100644
--- a/website/docs/outposts/ldap/ldap.md
+++ b/website/docs/outposts/ldap/ldap.md
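Review bot: In `APIUserToLDAPGroup` (outpost/pkg/ldap/utils.go), the `dn` built on the changed line is also what the unchanged `dn: dn,` line assigns as the virtual group's own DN, so the group entry is now named `cn=<username>,<UserDN>`, presumably the same DN as the user's own entry. The commit message only mentions the member DN; if that is the intent, keep the group's DN under `pi.GroupDN` and build the member value separately, e.g. `userDN := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN)`. Two entries answering to one DN can confuse LDAP clients that map DNs to authorization decisions. Separately, `u.Username` is formatted into the DN without RFC 4514 escaping, so a username containing `,`, `+` or `=` would yield a malformed or misleading DN unless usernames are restricted elsewhere. The struct literal continues outside the hunk, so the member field is not visible here.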
@@ -55,7 +55,7 @@ The following fields are current set for groups:
 - "group"
 - "goauthentik.io/ldap/group"
-A virtual group is also created for each user, they have the same fields as groups but have an additional objectClass: `goauthentik.io/ldap/group`.
+A virtual group is also created for each user, they have the same fields as groups but have an additional objectClass: `goauthentik.io/ldap/virtual-group`.
 The virtual groups gidNumber is equal to the uidNumber of the user.
 **Additionally**, for both users and (non-virtual) groups, any attributes you set are also present as LDAP Attributes.