You are not logged in.

Announcement

 Téléchargez la dernière version stable de GLPI      -     Et vous, que pouvez vous faire pour le projet GLPI ? :  Contribuer
 Download last stable version of GLPI                      -     What can you do for GLPI ? :  Contribute

Pages: 1

#1 2023-06-19 16:37:05

victoire
Member
Registered: 2023-06-19
Posts: 54

ldap annuaire

Hello,

I would like to get some information about how the LDAP directory works with GLPI, particularly when we have multiple organizational units (sites) within the root domain, each containing several organizational units (admins, users). Our goal is to retrieve only the users from all sites.

Could you please provide me with details about the specific configuration required in GLPI to achieve this? How can we filter the users to include only those from all sites?

Thank you very much for your assistance!

Offline

#2 2023-06-20 13:32:35

victoire
Member
Registered: 2023-06-19
Posts: 54

Re: ldap annuaire

can someone help me please??

Offline

#3 2023-06-21 11:42:58

rv008
Member
From: Reims
Registered: 2008-09-17
Posts: 16
Website

Re: ldap annuaire

type your base BN
and filter like for  a AD
(&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
you can use JXplorer  for syntaxe help

Il est plus difficile de désagréger un préjugé qu'un atome.

Offline

#4 2023-06-21 11:50:26

victoire
Member
Registered: 2023-06-19
Posts: 54

Re: ldap annuaire

I have already tried but glpi returns all users including customers and admins, I just want to retrieve users from each site

Offline

#5 2023-06-21 11:56:38

WebGreg
Member
Registered: 2020-02-27
Posts: 740

Re: ldap annuaire

victoire wrote:

I have already tried but glpi returns all users including customers and admins, I just want to retrieve users from each site

The program must somehow recognize who is the admin and who is the user. You need to add some differentiator. Maybe a group? example (memberOf=cn=water,ou=users,dc=company,dc=com)

Alternatively, download all users, but define their profiles and unit membership based on rules.

Last edited by WebGreg (2023-06-21 11:59:37)

--
GLPI 10.0.17
GLPI-Inventory 1.4.0
Ubuntu Server 20.04 LTS

Offline

#6 2023-06-21 11:58:54

victoire
Member
Registered: 2023-06-19
Posts: 54

Re: ldap annuaire

I tried to define rules according to the sites (ou) with the users (ou) but when I go to the ldap directory it does not take into account the rules that I have defined

Offline

#7 2023-06-21 12:19:23

WebGreg
Member
Registered: 2020-02-27
Posts: 740

Re: ldap annuaire

victoire wrote:

I tried to define rules according to the sites (ou) with the users (ou) but when I go to the ldap directory it does not take into account the rules that I have defined

With the filter below, I only get users from a specific group:

(&(objectClass=user)(objectCategory=person)(memberOf:1.2.840.113556.1.4.1941:= CN=group_members,OU=unit,DC=domain,DC=com)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

But again - in my opinion, a better solution is to be able to import all of them, and divide them at the rules (front/ruleright.php).

Last edited by WebGreg (2023-06-21 12:20:37)

--
GLPI 10.0.17
GLPI-Inventory 1.4.0
Ubuntu Server 20.04 LTS

Offline

#8 2023-06-21 13:25:26

victoire
Member
Registered: 2023-06-19
Posts: 54

Re: ldap annuaire

it is necessary to modify this file rulesright.php for the rules?

Offline

#9 2023-06-21 13:30:20

WebGreg
Member
Registered: 2020-02-27
Posts: 740

Re: ldap annuaire

No - it's a link. If you look at the address of your GLPI, you will see the end of the address typical for each page - I gave the ending. It's faster than typing where you need to go in order. Under this link you can create assignment rules as you like.

--
GLPI 10.0.17
GLPI-Inventory 1.4.0
Ubuntu Server 20.04 LTS

Offline

Pages: 1

Board footer

Powered by FluxBB