Restricting LDAP Logins
Hello,
I am trying to configure LDAP Integration while also trying to restrict who can log in to users who are members of a couple of different AD groups. I have set the following under advanced options for LDAP Integration:
Transform: DOMAIN/$login$
Query: (&(sAMAccount=$login$)(|(memberOf=[DN for group1])(memberOf=[DN for group2])))
However, this continues to allow any user.
In TeamCity I am using this exact login filter to control which users are permitted to log in. Am I understanding the purpose of the "Query" option correctly or not?
Thanks,
Patrick
Yes, it's a parameter passed to the javax.naming.directory.DirContext.search(String name, String filter, SearchControls cons) method and it should work. Maybe you are trying to log in with a user which is already registered via LDAP while it was possible? If so, try on some other user, please (just for us to be sure).
This was me
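A way to check offline what a Query of the shape discussed in this thread admits, as an added example that is not code from the thread or from the product: it expands `$login$` with RFC 4515 escaping and evaluates the resulting filter against a constructed directory. The group DNs, the `sAMAccountName` attribute, the sample entries and all function names are assumptions made for illustration.

```python
import re

G1 = "CN=group1,OU=Groups,DC=example,DC=com"   # constructed DN
G2 = "CN=group2,OU=Groups,DC=example,DC=com"   # constructed DN
# Same shape as the Query in the thread: the login AND (group1 OR group2).
TEMPLATE = f"(&(sAMAccountName=$login$)(|(memberOf={G1})(memberOf={G2})))"
# Constructed directory entries (attribute names lower-cased for lookup).
DIRECTORY = [
    {"samaccountname": ["alice"], "memberof": [G1]},
    {"samaccountname": ["bob"], "memberof": ["CN=other,OU=Groups,DC=example,DC=com"]},
    {"samaccountname": ["carol"], "memberof": [G2]},
]

def escape_filter_value(value):
    """Escape RFC 4515 special characters so a login cannot change the filter."""
    return "".join(f"\\{ord(c):02x}" if c in "\\*()\x00" else c for c in value)

def expand_query(template, login):
    return template.replace("$login$", escape_filter_value(login))

def parse(f, i=0):
    """Parse the filter starting at f[i]; supports &, | and equality only."""
    if f[i + 1] in "&|":
        op, i, kids = f[i + 1], i + 2, []
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        return (op, kids), i + 1          # skip the closing ")"
    end = f.index(")", i)                 # escaped values contain no raw ")"
    attr, _, val = f[i + 1:end].partition("=")
    val = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), val)
    return ("=", attr.lower(), val.lower()), end + 1

def matches(node, entry):
    if node[0] == "=":
        return node[2] in [v.lower() for v in entry.get(node[1], [])]
    results = [matches(kid, entry) for kid in node[1]]
    return all(results) if node[0] == "&" else any(results)

def allowed(template, login, directory):
    """True if the expanded filter matches at least one directory entry."""
    node, _ = parse(expand_query(template, login))
    return any(matches(node, entry) for entry in directory)
```

With this data only `alice` and `carol` pass; `bob` is rejected, and a login of `*` is escaped to a literal value and matches nothing.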