LDAP Authentication with filter

Answered

I'm trying to add an Active Directory Authentication to YouTrack. The default configuration works fine. But if I try to add a more complex filter rule (e.g. to filter by group membership or account type), it always responds with: "LDAP failure: invalid attribute description"

Example for filter that works: "sAMAccountName=%u"

Example for filter that doesn't work: "(&(sAMAccountName=%u)(objectClass=person))"

Even that doesn't work: "(sAMAccountName=%u)"

(This is a duplicate to https://hub-support.jetbrains.com/hc/en-us/community/posts/205414990-HUB-LDAP-Authentication-how-to-filter-user-by-AD-Group- but because there seems no activity in that forum section I've posted it here)

2 comments
Comment actions Permalink
Official comment

Hello Michael,
I'm very sorry for the delay. Unfortunately, you've faced one of our known issues: https://youtrack.jetbrains.com/issue/JPS-2889
It is fixed in the upcoming release, but in the meantime you can use the following workaround: remove the external brackets from your filter. For example, instead of `(&(sAMAccountName=%u)(objectClass=person))` write `&(sAMAccountName=%u)(objectClass=person)`
Please let me know if we can help you any further, thank you.

Please sign in to leave a comment.