Hi,
I’m using the latest version 1.22.1
of SyncThing and I have an issue with the search filter in the LDAP configuration.
I’m using the following search filter:
(&(uid=%s)(o=Example)(ou=devs)(objectClass=inetOrgPerson))
It’s quite standard and very similar to the documentation, only I don’t use memberOf as my setup is not meant to work that way.
However, when I set the search filter with (uid=%s)
the GUI seems to bypass login entirely, there are no related logs, and I can just access the GUI and use it.
So I tried to remove the search filter, which seems to work since I get the little popup to login, but then SyncThing try to do a search with something like (EXTRA string=userName)
, which doesn’t work as it’s not supposed to with my openldap setup.
My complete config is as follow:
<ldap>
<address>openldap:389</address>
<bindDN>uid=%s,ou=users,dc=example,dc=com</bindDN>
<transport>plain</transport>
<insecureSkipVerify>true</insecureSkipVerify>
<searchBaseDN>ou=users,dc=example,dc=com</searchBaseDN>
<searchFilter>(&(uid=%s)(o=Example)(ou=devs)(objectClass=inetOrgPerson))</searchFilter>
</ldap>
I’m using a similar filter (without (uid=%s)
) with other services and I tried a query against my openldap with this exact filter, which was successful.
I think there could be a bug here, but I prefer to start a topic in case I missed something.
Thanks for your help. D