Hello,
As I was able to configure the use of LDAPS in the meantime I’m now struggling with the configuration of the mapping.
What I have:
- serveral AD groups with permission in XWiki groups
- XWiki groups in the wiki
What does not work:
- mapping between AD Group and xwiki group, every user is ending up in the same group
- mapping of AD attributes to users
My configuration in xwiki.cfg:
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=CN=$WikiSD_Administrators,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.Backend=CN=$WikiSD_Backend,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.Fieldservice=CN=$WikiSD_Fieldservice,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.Hotline=CN=$WikiSD_Hotline,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.Moderators=CN=$WikiSD_Moderators,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.Projekt=CN=$WikiSD_Projekt,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.Softwareverteilung=CN=$WikiSD_SoftwareverteilungOU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.Steuerung=CN=$WikiSD_Steuerung,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|
XWiki.ServicePoint=CN=$WikiSD_ServicePoint,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|\
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail,company=company,Department=department,address=physicalDeliveryOfficeName
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap.user_group=CN=$WikiSD_Access,OU=$Administration,OU=xyz,OU=#AB,DC=xyz,DC=xyz,DC=xyz,DC=com|\
xwiki.authentication.ldap.mode_group_sync=always
xwiki.authentication.ldap.group_sync_resolve_subgroups=1
Thank you for your help and let me know if there’s something unclear.