LDAP works but not the group mapping

I configured the LDAP today and after some minor issues with our DAP schemas I was able to get the basic auth working. But I cannot seem to get the group mapping to work. Our schema is simple, dc=cm,dc=cluster, the users are there, and then there is ou=Group,dc=cm,dc=cluster. Our metabase is a docker, I am unsure where to look for logs to see what is actually happening. Thanks in advance for any assistance.

Here’s an example mapping from our instance:

CN=Accounting,OU=Some Other Grouping,OU=Groups,OU=Staff,OU=Accounts,DC=example,DC=org

I’m not an expert on this, but make sure you get the CN= part for the actual group you’re trying to map.

1 Like

I think the issue with our LDAP is that groups are POSIX groups. I cannot find any documentation on what LDAP attributes are needed by Metabase. Originally for our user accounts, they were also POSIX. Only when a user was recreated as an inetorguser, and the first name attribute was filled in, would login work for them in Metabase. Any help here would be helpful.

1 Like

I have the issue in Metabase.

I have put these in the Authentication > LDAP:

Username or DN
uid=admin,cn=users,cn=compat,dc=mywebsite,dc=mydomain

User search base
cn=users,cn=accounts,dc=mywebsite,dc=mydomain

User filter
(&(uid={login})(objectClass=inetOrgPerson))

And in the Group Mapping, I put this:
cn=metabase_admins,cn=groups,cn=accounts,dc=mywebsite,dc=mydomain

And set the Groups to Admin:

(I followed the instruction here: https://www.powerupcloud.com/freeipa-integration-with-metabase-part-iii/)

The LDAP Authentication works fine but the group mapping doesn’t.

Any idea?

Hello,
Same here with Posix accounts on LDAP impossible to get the mapping to work but the users can log in .
Anyone has a solution.??
thanks

Hi,

I am facing the same issue. Even I have setup different filter than inetorguser filter.