Issue #52 resolved

user has no group attributes assigned

Anonymous avatarAnonymous created an issue


I've just installed SCM manager with LDAP authenthication Plugin.

The authenticathion work well except for "group attribute"

Here the plug in config:

  • ID Attribute Name: samaccountname
  • Fullname Attribute Name: cn
  • Mail Attribute Name: mail
  • Group Attribute Name: memberOf
  • Base DN: ,Connection DN: , Connection Password: ,Host URL: #
  • Search Filter: (&(SAMAccountName={0}))
  • Search Scope: one
  • People Unit: OU=Dev,OU=Users
  • Groups Unit: OU=Groups
  • Enabled: Yes

I can log with any user in dev team but, Groups don't show up in SCM Interface

My users memberof attribute has the following value:

  • memberof: cn=SCM_TEST_GROUP,OU=Groups,DC=Mydomain,DC=COM; cn=Some_OTHER_GROUP,OU=Groups,DC=....

And i have also en info in log files when in log-in: INFO sonia.scm.auth.ldap.LDAPAuthenticationHandler - user has no group attributes assigned

Any idea why my LDAP group are not in SCM manager?

Thanks Jérémie

PS: plugin LDAP v1.4, SCM manager v1.6

Comments (7)

  1. Sebastian Sdorra
    • changed status to open

    Do you use anonymous bind (no connection dn and no connection password)? I don't know if the anonymous user is able to read the memberOf attribute. Perhaps the plugin should read the user attributes after login with the context of the user. I will think about that.

  2. jbecousse


    I've created an account fo bitbucket.

    No i don't use anonymous bind for LDAP connection,

    I've tried with an admin account for bind DN and it's the same problem. So i don't think the problem is about user's rights.


  3. Sebastian Sdorra

    Hi, I will setup an Active-Directory and test this issue. But you could use version 1.5 of the ldap-plugin, with this version you can configure the group search without the use the "group attribute".

  4. jbecousse


    I have set-up the 1.5 version of LDAP plugin.

    One question, How can i had a LDAP group to SCM interface?

    When i click on "Add" button, i can only create XML group.

    Both for users and groups it could be cool to specify the type (XML/LDAP) when you add it. Maybe with a verification button to ckeck if the user/group realy exist in LDAP?


  5. Log in to comment
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.