Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.I want to authenticate users against an LDAP Group. I have successfully set up authentication for individual users, but cannot seem to find the correct settings for the authorization module to authenticate against groups. I have attached screenshots of my LDAP set up and the Drupal LDAP settings. The one thing I haven't included in the screenshots is the LDAP Server Configuration value for the LDAP Groups > Name of Group Object Class. For this field I have tried groupOfNames and organizationalUnit.
I would appreciate any guidance on what I'm doing wrong. I have read the online documentation, the issue queue and googled for solutions but cannot come up with anything. thanks in advance!
| Comment | File | Size | Author |
|---|---|---|---|
| III - Settings.PNG | 36.47 KB | sassafrass | |
| IIC - Settings.PNG | 21.96 KB | sassafrass | |
| uid=lht.test1_.PNG | 24.35 KB | sassafrass | |
| cn=MCWiki.PNG | 24 KB | sassafrass |
Comments
Comment #1
johnbarclay commentedAppreciate you reading the docs and issue queue and providing the structure of your ldap.
Definately case IIC is correct and everything in http://drupal.org/files/IIC%20-%20Settings.PNG looks correct except:
"Attribute holding the previous list of values" should be "dn"
since cn=MCWiki...dc=org is a dn.
This also looks correct: http://drupal.org/files/III%20-%20Settings.PNG.
Be aware that there are some current case sensitivity issues in the queue that may further complicate your testing.
Feel free to edit the documentation as insights from new users is invaluable in the documentation.
Comment #2
sassafrass commentedThanks for responding and your support!
Does the error message I get for III Settings provide any insight: "Authorization - Bad mapping syntax. Text entered but not able to convert to array."
Are the entries case sensitive or should they all be all lower case, regardless?
Comment #3
johnbarclay commentedthe mapping syntax check should just be for | in the entries in the filter/map box. the mappings should be case insensitive. all this assumes you are on the 7.x-1.x-dev branch. 7.x-2.x is pretty broken and I need to merge recent 7.x-1.x bug fixes into it.
Comment #4
sassafrass commentedChanged "Attribute holding the previous list of values" to "dn" and updated to latest version of 7.x.2.x-dev and it works! Thanks!