Community

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Popular
    • Users
    • Search

    Person groups membership problem

    Operating
    2
    4
    757
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      igorp last edited by

      Hi,

      I have installed i-doit pro trial version and currently having some issues with person groups mappings.

      LDAP is configured and working fine. Users are found in the AD and successfully authenticated.
      I have also created a new person group and configured LDAP-Group mapping.
      This also works fine, users are on their first login assigned to this group.

      The problem is that every user is also assigned to the Admin group.
      So every user is a member of this group with LDAP mapping and the Admin group.

      I can't seem to find where to disable automatic assignment to Admin group.

      There is a file "isys_application.class.php" with the following line :

      define("CLDAPGROUP_IDS", isys_tenantsettings::get('ldap.default-group', ''));
      

      Editing the line to something like

      define("CLDAPGROUP_IDS", isys_tenantsettings::get('ldap.default-group', '10'));
      

      did not change anything.
      User are still assigned to the Admin group and LDAP mapped group.

      Is there a way to disable this automatic assignment of all users to Admin (object ID 14) group?

      System specifications:
      i-doit 1.8.2, revision 21802
      OS Debian 8.7
      PHP 5.6.29
      MariaDB 10.0.29

      1 Reply Last reply Reply Quote 0
      • dkirsten
        dkirsten last edited by

        Hi,

        this is a bug in 1.8.2. We are just checking how and where it occurrs. I will post an update when we know whats going on.

        Viele Grüße,

        Daniel

        1 Reply Last reply Reply Quote 0
        • dkirsten
          dkirsten last edited by

          Here is a fix for 1.8.2. It only applies the default group if no other LDAP group mapping is found.
          the default group can be found in the advanced system settings by the way. It is a good idea to change it to a non existing group ID e.g. 999999 or the ID of the reader group.

          isys_module_ldap.class.php.zip

          Viele Grüße,

          Daniel

          1 Reply Last reply Reply Quote 0
          • I
            igorp last edited by

            The fix did the trick.
            Thank you very much!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post