LDAP Exclude computers and groups

peacefrog · Post by **peacefrog** » 07 Sep 2010, 18:19

I would like to exclude Computers, Groups, and any incorrect or temporary accounts from Customer LDAP Auth

I'm trying this command: #$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '()';

I've tried to put there AlwaysFilter => '(objectclass=user), AlwaysFilter => '(objectclass=computer), AlwaysFilter => '(objectcategory=CN=Person,CN=Schema,CN=Configuration,DC=Contoso,DC=ltd)

Still getting full list with computers, weird accounts, etc, whilst opening >Consumer users and searching using *

Can you help me with advice? AlwaysFilter being used for EXCLUDE "SOMETHING" from Auth LDAP? or INCLUDE?

Post by **jojo** » 07 Sep 2010, 19:14

It is a standard LDAP Search Filter

Some Infos: http://msdn.microsoft.com/en-us/library ... 85%29.aspx
http://www.faqs.org/rfcs/rfc2254.html

fbobraga · Post by **fbobraga** » 08 Sep 2010, 14:16

Seems that you are using it in wrong place:

peacefrog wrote:I'm trying this command: #$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '()';

The place used in my Config.pm:

$Self->{CustomerUser} = {
Host => (...)
(...)
Params => {
(...)
AlwaysFilter => '(&(objectCategory=User)(objectClass=User))'
(...)

(Using my little perl knowledge, I think it corresponds to: $Self->{CustomerUser}->{Params}->{AlwaysFilter} = '(&(objectCategory=User)(objectClass=User))';)

see: http://forums.otrs.org/viewtopic.php?f=61&t=5805#p23775

peacefrog · Post by **peacefrog** » 08 Sep 2010, 18:16

Thank you!

Znuny and ((OTRS)) Community Edition

LDAP Exclude computers and groups

LDAP Exclude computers and groups

Re: LDAP Exclude computers and groups

Re: LDAP Exclude computers and groups

Re: LDAP Exclude computers and groups