Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Good afternoon.
I have LDAP Authentication and Groups working just great - users in groups (in the "Member Of" tab in ADUC console) get their roles assigned correctly in Drupal, etc.
However, it seems that the primary group, in our case "Domain Users" is not listed as a member when you query by LDAP. If I set a different group as the Primary Group in ADUC, the only group listed in the "MemberOf" LDAP property is "Domain Users".
However, when looking at the LDAP values for a domain user, I don't see the primary group listed anywhere.
The only work-around I can think of is a bit "bad" in my books - in ldapgroups_roles_filter(), I would simply add:
$groups[] = "CN=Domain Users,CN=Users,DC=cfertech,DC=com";
This assumes that Domain Users is your default primary group. While this is true for our organization, it may not be for everyone.
Is there a better way of assuring members in the primary group get the appropriate role in Drupal?
Comments
Comment #1
miglius commentedComment #2
cgmonroe commentedClearing out old support requests - reopen if problem still exists in newest code