Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By marton on
I have successfully configured the LDAPAuth module (I must use authentication) to integrate AD users into Drupal.
The question is now, how to integrate the users securitygroups located in AD's "Member of:" field for each user.
How do I do this?
Which of the 3 settings do I use?
("Group is specified in user's DN", "Groups are specified by LDAP attributes", "Groups exist as LDAP entries where a multivalued attribute contains the members' CNs")
Example(s) would be fine.
/MartOn
Comments
SOLVED!
I solved this..
this is not an issue anymore.
/MartOn
What was your solution?
I also use active directory and ldap-auth module. I know I will have to move to groups and would like to have the info. if you wouldn't mind sharing?
Thanks.
Lsabug
Solution
Sorry for not posting the solution :-)
Here is my config:
Prereq:
ldapAuth settings:I use a system account that have accest to AD, because we do not allow anonymous connections.
Server settings:
Organization name: here I put our Active directory name
LDAP Server: here I put IP adress to a AD controller
LDAP Port: 389
TLS encryption Not selected
Store passwords in encrypted form Not select
Login procedure:
Do not store users password during sessions Not selected
When logging in , drupal will look... I chose Drupals own database, if fails look to LDAP
Base DNs: here you have to set your DN path to where your users reside.
Username attribute: sAMAccountName
Advanced config:
DN for non-anonymous search: your sys AD account
ldapdata settings:Password for non-anonymous search: password for your sys AD account
Drupal-LDAP fields mapping
Same, but read-only mode SELECTED
Drupal field - LDAP attribute
mail = mail
the other I have blank, since I do not need them
Editing LDAP attributes directly
Attributes displayed on user pages: Here I checked Last Name, Common Name & Company Name
Attributes that can be edited by users: Here I have non chosen since I do not want drupal to write back to AD
Advanced configuration
Here is the same as on ldapauth
ldapgroups settings:Group is specified in user's DN Not select
Attribute of the DN which contains the group name: OU
Groups are specified by LDAP attributes: SELECTED
Attribute names (one per line): MemberOf
Groups exist as LDAP entries where a multivalued attribute contains
the members' CNs Not Selected
Nodes containing groups (one per line):
Here I have the same DN as in ldapauth
Attribute holding group members: memberUid
/MartOn
Thanks so much for providing this information
I appreciate it!
works great
Thanks for writing this post, worked great after editing
modules\ldap_integration\ldap_integration\ldapgroups.conf.php
to something like
'CN=LDAP_group_name,OU=Teams,OU=Security Groups,DC=our_company_name,DC=com' => 'Drupal_role_name'
Thank You!
Thank You!
This would be helpful to me
This would be helpful to me also!
Thanks,
James
How to solve synchronization issue?
Our organization is changing everyday. How can I sync these data?