Request #5294
Support nested groups in ldap
| Status: | Pending | Start date: | 07/28/2017 | |
|---|---|---|---|---|
| Priority: | Sponsored | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | Drivers - Auth | |||
| Target version: | - | |||
| Pull request: |
Description
Currently the ldap driver does not support groups withing groups.
History
#1
Updated by Strahinja Kustudic almost 4 years ago
Besides supporting nested groups in LDAP, which should probably be a setting like:
nested_groups: true
It would probably be better to replace the group option with something like ldap_access_filter (check the sssd.conf man page), where you can write any LDAP filter which needs to be matched for a user to allow the user to login. This will give more flexibility on who to allow to login, then just setting a single group.