You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is an example configuration for an OpenLDAP server integrated with Samba (hence `sambaSamAccount` object class). The `inetOrgPerson` has been set as the user structural class which adds attributes to the LDAP user like `email` or `mobile`. `simpleSecurityObject` class has been added for the ability to set passwords in LDAP.
60
+
61
+
62
+
63
+
## Known issues
64
+
65
+
### Multiple nested OUs
66
+
67
+
Using the integration with multiple nested organizational units may currently lead to some unexpected behavior. The following issues are known to occur:
68
+
69
+
* If you have duplicate user RDNs across multiple OUs a database error may occur: `Duplicate key violates unique constraint 'unique_ldap_rdn'` , causing issues with two way synchronization. This would happen in the following scenario:
70
+
*`CN=user1,OU=ou1,OU=ou,DC=example`
71
+
*`CN=user1,OU=ou2,OU=ou,DC=example`
72
+
* Limiting synchronization to selected groups may not work if your user's DN doesn't match the user search base:
In this example, the user's DN has deeper nesting than the search base, preventing matching them during the group members lookup.
78
+
79
+
To fix this problem, you should limit the search base to one organizational unit only, if possible. Otherwise we are working on a solution, the status can be tracked in the following issue: [https://github.com/DefGuard/defguard/issues/1242](https://github.com/DefGuard/defguard/issues/1242).
0 commit comments