Hi,
I configured LDAP as explained in the doc and everything is working fine.
However I need to fetch the users from two “ou”.
I performed the following tries, but none of them worked:
-
<property name="userSearchBase">ou=employees1,ou=employees2</property>
-
<property name="userSearchBase">ou=employees1</property> <property name="userSearchBase">ou=employees2</property>
-
<property name="userSearchBase">(|(ou=employees1)(ou=employees2))</property>
Do you have any hint?
Best regards.
PS I’m using the 7.7.0 version over Jboss EAP 7.0.0
Hi @pmartella,
I don’t think that you can achieve your goal with userSearchBase property.
I would try to leave it empty, so the search will be performed starting from your baseDn
, and to extend you userSearchFilter.
This may be related: https://stackoverflow.com/questions/7472994/using-dn-in-search-filter
Hi @sdorokhova,
thanks for your reply.
Leaving the tag empty didn’t work.
12:53:16,414 ERROR [org.camunda.bpm.engine.context] (default task-1) ENGINE-16004 Exception while closing command context: Could not query for users: org.camunda.bpm.engine.impl.identity.IdentityProviderException: Could not query for users
…
Caused by: javax.naming.InvalidNameException: undefined,DC=example,DC=com: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data 8350, best match of: ‘undefined,DC=example,DC=com’]; remaining name ‘undefined,DC=example,DC=com’
However it worked fine removing the tag at all. Now the plugin performs the search from the baseDn
.
We can close the thread.