Configuration/Authentication Settings/LDAP groups

From DAViCal Wiki

Jump to: navigation, search

Group import/sync was added in 0.9.9, to use groups from LDAP first get users syncing from LDAP (see LDAP Examples for base configuration details). Import/sync users and groups via the Administration > Import Calendars menu in the web interface. Once you have users syncing from LDAP you should be able to sync groups with the following settings. 

    'baseDNGroups' => 'ou=Groups,dc=company,dc=com', //where to look for groups
    'filterGroups' => 'objectClass=posixGroup', //filter with same rules as filterUsers, could also be groupOfUniqueNames
    'group_mapping_field' => array('username' => 'cn',
                             'updated' => 'modifyTimestamp',
                             'fullname' => 'cn' ,
                             'members' =>'memberUid'
                             ), //used to create the group based on the ldap properties
     'scope' => 'subtree', // Search scope to use, defaults to subtree ( applies to BOTH user and group mappings )

Explanation of parameters:

baseDNGroups The base DN to look in for valid groups
filterGroups A filter which must pass for this to be a valid group
group_mapping_field An array of DAViCal field names vs. their LDAP mappings
scope The search scope for all LDAP searches(users and groups)

Note: the sync operations should be safe to use if you have made changes in LDAP and want those changes reflected in DAViCal.

Troubleshooting

If you do not see a message near the top of the page when syncing try running a search with another ldap tool. 

 'baseDNGroups' => 'ou=Groups,dc=company,dc=com',
 'filterGroups' => 'objectClass=posixGroup'
 'scope' => 'subtree'

could be tested with 

ldapsearch -h localhost -D "binddn" -W -s sub -b 'ou=Groups,dc=company,dc=com' 'objectClass=posixGroup'
Retrieved from "http://wiki.davical.org/w/Configuration/Authentication_Settings/LDAP_groups"
Personal tools