From 08cc25cd8c7c7af0d1ec0c3110bcc71cf0b83ca0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <github@jus.li>
Date: Wed, 15 Jan 2014 10:34:26 +0100
Subject: [PATCH] Support for group parameter with Active Directory

---
 src/authm_mad/remotes/ldap/authenticate | 1 +
 src/authm_mad/remotes/ldap/ldap_auth.rb | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/authm_mad/remotes/ldap/authenticate b/src/authm_mad/remotes/ldap/authenticate
index 8a01485..949b77c 100755
--- a/src/authm_mad/remotes/ldap/authenticate
+++ b/src/authm_mad/remotes/ldap/authenticate
@@ -69,6 +69,7 @@ begin
     ldap=OpenNebula::LdapAuth.new(server_conf)
 
     user_name,user_group_name=ldap.find_user(user)
+    user_group_name=user_name
 
     if !user_name
         STDERR.puts "User #{user} not found"
diff --git a/src/authm_mad/remotes/ldap/ldap_auth.rb b/src/authm_mad/remotes/ldap/ldap_auth.rb
index 5c6345a..d070556 100644
--- a/src/authm_mad/remotes/ldap/ldap_auth.rb
+++ b/src/authm_mad/remotes/ldap/ldap_auth.rb
@@ -73,9 +73,10 @@ class OpenNebula::LdapAuth
     end
 
     def is_in_group?(user, group)
+        filter = Net::LDAP::Filter.eq(@options[:group_field], user.first)
         result=@ldap.search(
                     :base   => group,
-                    :filter => "(#{@options[:group_field]}=#{user.first})")
+                    :filter => filter)
 
         if result && result.first
             true
-- 
1.8.3.2