[GH-ISSUE #103] Clean up groups request to use filters #41

New issue

Closed

opened 2026-02-27 08:14:54 +03:00 by kerem · 2 comments

kerem commented

2026-02-27 08:14:54 +03:00

Owner

Originally created by @nitnelave on GitHub (Dec 2, 2021).
Original GitHub issue: https://github.com/lldap/lldap/issues/103

Rather than rely on ad-hoc code to delegate to list_groups, list_user's_groups and so on.

Originally created by @nitnelave on GitHub (Dec 2, 2021). Original GitHub issue: https://github.com/lldap/lldap/issues/103 Rather than rely on ad-hoc code to delegate to list_groups, list_user's_groups and so on.

kerem

2026-02-27 08:14:54 +03:00

closed this issue
added the
cleanup
label

kerem commented

2026-02-27 08:14:55 +03:00

Author

Owner

@lowinger42 commented on GitHub (Jan 23, 2022):

I have tried to activate Librenms LDAP support against lldap.
The user bind is successful, then Librenms tries to verify group membership to grant permissions (admin, global_read, normal).
There are three ways to "find group members by"

Username
Full DN (using prefix and suffix)
DN Search (search using uid attribute)

None of these works. Debug log when using Username:

lldap_1 | 2022-01-23T22:39:26.440636Z DEBUG lldap::infra::ldap_handler: Received search request: LdapSearchRequest { base: "ou=groups,dc=int,dc=abundo,dc=se", scope: Subtree, aliases: Never, sizelimit: 0, timelimit: 0, typesonly: false, filter: And([Equality("cn", "librenms_admin"), Equality("uniqueMember", "")]), attrs: [] }

lldap_1 | 2022-01-23T22:39:26.441122Z DEBUG lldap::infra::ldap_server: Replying with LDAP op: SearchResultDone(LdapResult { code: UnwillingToPerform, matcheddn: "", message: "Unsupported group filter: Unsupported group filter: Equality("cn", "librenms_admin")", referral: [] })

@lowinger42 commented on GitHub (Jan 23, 2022): I have tried to activate Librenms LDAP support against lldap. The user bind is successful, then Librenms tries to verify group membership to grant permissions (admin, global_read, normal). There are three ways to "find group members by" - Username - Full DN (using prefix and suffix) - DN Search (search using uid attribute) None of these works. Debug log when using Username: lldap_1 | 2022-01-23T22:39:26.440636Z DEBUG lldap::infra::ldap_handler: Received search request: LdapSearchRequest { base: "ou=groups,dc=int,dc=abundo,dc=se", scope: Subtree, aliases: Never, sizelimit: 0, timelimit: 0, typesonly: false, filter: And([Equality("cn", "librenms_admin"), Equality("uniqueMember", "")]), attrs: [] } lldap_1 | 2022-01-23T22:39:26.441122Z DEBUG lldap::infra::ldap_server: Replying with LDAP op: SearchResultDone(LdapResult { code: UnwillingToPerform, matcheddn: "", message: "Unsupported group filter: Unsupported group filter: Equality(\"cn\", \"librenms_admin\")", referral: [] })

kerem commented

2026-02-27 08:14:55 +03:00

Author

Owner

@nitnelave commented on GitHub (Feb 12, 2022):

@lowinger42 can you try getting Librenms to work with the latest docker image?

@nitnelave commented on GitHub (Feb 12, 2022): @lowinger42 can you try getting Librenms to work with the latest docker image?

kerem referenced this issue

2026-02-27 08:16:32 +03:00

[GH-ISSUE #845] No such file or directory (os error 2) #302