openmeetings-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vieri <>
Subject Re: usergroup assignment on login
Date Thu, 14 Feb 2013 09:17:06 GMT
Hi Sebastian,

What you propose would work fine.

I hacked it in a different way:
I modified the LdapLoginManagement class and added an ldap_usergroups config key which would
be set by the admin in the om_ldap conf files (not provided via LDAP server as an attribute).
What I do then is create an om_ldap_*.cfg file for each functional group (eg. om_ldap_group1.cfg,
om_ldap_group2.cfg, etc.). I also create the usergroups/organizations in the OM database (group1,
group2, etc. - aka groupNAME) and record their IDs (groupID). For each om_ldap_* file I manually
set  ldap_usergroups=groupID and then specify an LDAP search base as CN:groupNAME,CN:domain,CN:com,

I like your idea better because it would be easier to maintain (and I would have to mess with
group IDs).

just a note though: the LDAP "user group" field (String ldap_user_org_name) should not necessarily
contian only one group ID. It could be an array of IDs, eg. "2 4 12". OM would need to extract
a Long array from this String.

Are you planning on modifying the OM svn source code and add the feature you propose? If so,
please let me know so I can test it and not duplicate the effort.



--- On Wed, 2/13/13, <> wrote:

Hi Vieri,

sorry I just seen that email now. 
I would rather suggest we use the same mechanism comparable to the other ldap attributes:

Adding an ldap attribute with the name "ldap_user_org_name" (string value).

If the ldap_config key is not configured it will be using the default org for the user.
If this ldap config key is present and the LDAP search query returns a value for that key
and if an org in OpenMeetings with that name exists, this org_id will be assigned to the user.

If not, the org with that name will be created in OpenMeetings and then that org_id used.


2013/2/12 Vieri <>


I have users who login via LDAP and they are always assigned the default usergroup/organization.

How can I assign LDAP users to one group or another?

Maybe an ldap integer attribute would be enough so I could provision the OM usergoup ID each
time an LDAP user logs in?


Sebastian Wagner!/dead_lock

View raw message