[PR #5281] [CLOSED] Adding RFC2307 (openLDAP/Posix) style LDAP group memberships #6462

New Issue

OVERLORD · 2026-02-05T10:32:58+03:00

OVERLORD commented

2026-02-05 10:32:58 +03:00

📋 Pull Request Information

Original PR: https://github.com/BookStackApp/BookStack/pull/5281
Author: @bennet0496
Created: 10/23/2024
Status: ❌ Closed

Base: development ← Head: ldap_posix_groups

📝 Commits (4)

301731d Add RFC2307 (Posix) style LDAP group lookups
bec3802 Fixing Unittests for RFC2703bis
5b2e0c4 Add PHP doc for RFC2307 style getUserGroups
50583d8 Fix RFC typo in unit tests

📊 Changes

3 files changed (+93 additions, -1 deletions)

View changed files

📝 app/Access/LdapService.php (+82 -1)
�� app/Config/services.php (+4 -0)
📝 tests/Auth/LdapTest.php (+7 -0)

📄 Description

OpenLDAP servers (or maybe other Non-AD Servers as well), predominately used in Unix/Linux environments may not have the memberOf overlay configured and rely on RFC2307 style group memberships, where an extra query is required to resolve the username or uid against the memberUid attributes of the group. With this PR I'd like to add support these kinds of group memberships.

For this I added the following config values to the .env:

LDAP_GROUP_STYLE which has to be set to RFC2307 to activate posix groups. Any other value will default to AD/memberOf behavior
LDAP_GROUP_BASE_DN which is the base for the groups to be searched
LDAP_GROUP_MEMBER_ATTRIBUTE which is the group attribute the username/uid is matched against. Defaults to memberUid
LDAP_GROUP_FILTER is a filter for the group search, that defaults to (&(objectClass=posixGroup))

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/BookStackApp/BookStack/pull/5281 **Author:** [@bennet0496](https://github.com/bennet0496) **Created:** 10/23/2024 **Status:** ❌ Closed **Base:** `development` ← **Head:** `ldap_posix_groups` --- ### 📝 Commits (4) - [`301731d`](https://github.com/BookStackApp/BookStack/commit/301731d542f1a1dcee8e652539ad33ab9e816757) Add RFC2307 (Posix) style LDAP group lookups - [`bec3802`](https://github.com/BookStackApp/BookStack/commit/bec380238b0d34eaf15f894a711f96c54d3a4e9b) Fixing Unittests for RFC2703bis - [`5b2e0c4`](https://github.com/BookStackApp/BookStack/commit/5b2e0c41d2e973e922eb529bf5a1f31012aced9a) Add PHP doc for RFC2307 style getUserGroups - [`50583d8`](https://github.com/BookStackApp/BookStack/commit/50583d8b9c6fea5d80f0b93666d173c0baa12cf4) Fix RFC typo in unit tests ### 📊 Changes **3 files changed** (+93 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `app/Access/LdapService.php` (+82 -1) �� `app/Config/services.php` (+4 -0) 📝 `tests/Auth/LdapTest.php` (+7 -0) </details> ### 📄 Description OpenLDAP servers (or maybe other Non-AD Servers as well), predominately used in Unix/Linux environments may not have the memberOf overlay configured and rely on RFC2307 style group memberships, where an extra query is required to resolve the username or uid against the `memberUid` attributes of the group. With this PR I'd like to add support these kinds of group memberships. For this I added the following config values to the `.env`: - `LDAP_GROUP_STYLE` which has to be set to `RFC2307` to activate posix groups. Any other value will default to AD/memberOf behavior - `LDAP_GROUP_BASE_DN` which is the base for the groups to be searched - `LDAP_GROUP_MEMBER_ATTRIBUTE` which is the group attribute the username/uid is matched against. Defaults to `memberUid` - `LDAP_GROUP_FILTER` is a filter for the group search, that defaults to `(&(objectClass=posixGroup))` --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

OVERLORD added the pull-request label 2026-02-05 10:32:58 +03:00

OVERLORD closed this issue

2026-02-05 10:32:58 +03:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#6462