I have ldapauth successfully creating users based on account entries in our organization's Accounts DN. However, we also have a Groups DN and I would like to restrict users' access to create accounts for the Drupal site based on membership in one or more groups in the Groups DN.

Is this possible? Any suggestions on how to accomplish it?

Comments

ajwn’s picture

I to can test successfully allowing all members of a domain access to the site and automatically creating account names based on their user name in AD but when I try to restrict by group I get an error,

"Access denied

* warning: array_intersect() [function.array-intersect]: Argument #1 is not an array in /opt/lampp/htdocs/modules/ldap_integration/ldapgroups.module on line 89.
* Sorry, unrecognized username or password. Have you forgotten your password?

You are not authorized to access this page. "

I have made sure this file ldapgroups.module is read and write, restarted XAMPP, tested with different users and groups. When I log in with the correct password for a user I get the above error but when I log in with an incorrect password I get

"Access denied
Sorry, unrecognized username or password. Have you forgotten your password?
You are not authorized to access this page. "

So it looks like the request from the site is hitting active directory finding an account within the specified group but when accepted not being processed by the LDAP module itself properly..

What can be done aside from making changes to ldapgroups.module?

group syntax is

CN=group,OU=security Group,OU=admin,DC=something,DC=something,DC=com,DC=au

Is this correct as it is not specified with that feature.

Please assist

Thanks.

aritztg’s picture

Subscribing