Wso2 use memberUid on external LDAP for groups

感情迁移 posted on 2019-12-24 12:11:31

Question


I have connected Wso2 with an external LDAP, so I want to handle the LDAP groups. However, the Wso2 doc states to use:

  • groupOfNames as our objectClass and
  • member as our MembershipAttribute

However, my current LDAP server is not like that. This means that I use

  • PosixGroup as my objectClass and
  • memberUid for my MembershipAttribute

This leads me to the point that, when I add a user to a group, Wso2 goes and puts this value uid=b1,ou=users,dc=transip,dc=nl inside memberUid. This is not compatible with my setup. What I need is for Wso2 to just put the user's uid in the memberUid field, and then the entry will be compatible with the rest of my setup.

How can I configure Wso2 to pass the uid when adding a user to a group instead of passing the DN (Distinguished Name)?


Answer 1:


According to JIRA [1], this issue has already been fixed in WSO2 IS 5.1.0. According to the JIRA, to get your setup working you need to configure GroupObjectClass as "PosixGroup" and MembershipAttribute as "memberUid" in the UserStoreManager configuration relevant to your UserStore.

[1] https://wso2.org/jira/browse/IDENTITY-3400




Answer 2:


The same question has been posted in https://wso2.org/jira/browse/IDENTITY-6295 as well. In order to achieve this, you need to write a custom user store manager, changing the member attribute to add only the uid rather than the full DN.
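
The mismatch described in the question can be audited from an LDIF export of the group subtree. The script below is an added example, not code from the post or from WSO2: it flags posixGroup entries whose memberUid holds a DN instead of a bare login name and suggests the uid to store. The sample LDIF is constructed (it reuses the DN quoted in the question), and the function names bare_uid and audit are hypothetical.

```python
import re

# Constructed sample LDIF: one posixGroup with a correct bare uid and one
# DN-valued memberUid as described in the question, plus a groupOfNames
# entry where a DN in "member" is the expected form.
SAMPLE_LDIF = """\
dn: cn=devs,ou=groups,dc=transip,dc=nl
objectClass: posixGroup
cn: devs
gidNumber: 5000
memberUid: a1
memberUid: uid=b1,ou=users,dc=transip,dc=nl

dn: cn=ops,ou=groups,dc=transip,dc=nl
objectClass: groupOfNames
cn: ops
member: uid=c1,ou=users,dc=transip,dc=nl
"""

def bare_uid(value, uid_attr="uid"):
    """Return the uid when value is a DN whose first RDN is uid=<simple value>.
    Escaped or multi-valued RDNs return None so they get manual review."""
    pattern = r"\s*%s\s*=\s*([^,+\\\"=]+?)\s*(?:,|$)" % re.escape(uid_attr)
    m = re.match(pattern, value, re.IGNORECASE)
    return m.group(1) if m else None

def audit(ldif, uid_attr="uid"):
    """Return (group_dn, stored_value, suggested_uid_or_None) for every
    DN-like memberUid on a posixGroup entry. Assumes unfolded, non-base64
    'attr: value' lines separated into entries by blank lines."""
    findings = []
    for block in re.split(r"\n\s*\n", ldif.strip()):
        attrs = {}
        for line in block.splitlines():
            name, sep, value = line.partition(": ")
            if sep:
                attrs.setdefault(name.lower(), []).append(value.strip())
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        if "posixgroup" not in classes:
            continue  # DN-valued members are correct for groupOfNames
        for value in attrs.get("memberuid", []):
            if "=" in value or "," in value:  # looks like a DN, not a login
                group_dn = attrs.get("dn", ["?"])[0]
                findings.append((group_dn, value, bare_uid(value, uid_attr)))
    return findings

if __name__ == "__main__":
    for group_dn, stored, suggestion in audit(SAMPLE_LDIF):
        print(f"{group_dn}: memberUid={stored!r} -> {suggestion or 'REVIEW'}")
```

A DN-valued memberUid matters for access control because consumers that resolve posixGroup membership by login name will not match it, so the user is silently missing from the group on those systems.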



Source: https://stackoverflow.com/questions/45757267/wso2-use-memberuid-on-external-ldap-for-groups
