I have the following problem with the devel version (06.06.2006) in conjunction with OpenLDAP (and I think also with AD).
The group "user" is always added to the membership list of the user and only
this ACL is used. Never "other.group" or any other goup although all group memberships are well known to the DokuWiki!
Array ( [user] => test.lothar [server] => ldap.domain.de [dn] => uid=test.lothar,ou=test, ou=People, dc=domain,dc=de [mail] => [name] => lothar.test [grps] => Array ( [0] => other.group [1] => user ) )
I got my "knowledge" from
http://wiki.splitbrain.org/wiki:auth:ldap and an helpful PHP developer from our firm.
local.php wrote
$conf['useacl'] = 1;
$conf['autopasswd'] = 0;
$conf['openregister']= 0;
$conf['authtype'] = 'ldap';
$conf['auth']['ldap']['server'] = 'ldap.domain.de';
$conf['auth']['ldap']['usertree'] = 'uid=%{user},OU=test,OU=People,DC=domain,DC=de';
$conf['auth']['ldap']['userfilter'] = '(&(objectClass=posixAccount)(uid=%{user}))';
$conf['auth']['ldap']['grouptree'] = 'OU=Group,DC=domain,DC=de';
//$conf['auth']['ldap']['groupfilter'] = '(&(objectClass=posixGroup)(memberUID=%{uid}))';
$conf['auth']['ldap']['groupfilter'] = '(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))';
$conf['auth']['ldap']['version'] = 3;
$conf['auth']['ldap']['debug'] = true;
$conf['superuser'] = 'thomas';
acl.auth.php wrote
* @admin 16
* @other.group 8
* @user 1
* @ALL 1
I think (hope) it's an config problem, can someone pls point me out where the problem resists?
I will keep investigating the problem...
TIA
BlackFog
PS: The problem seems to be in conjunction with dots in groupnames, e.g. "group.name". My workmate and I will try to finish investigation an file an bugreport if needed.