I've set up a jitsi-meet instance for test purposes and I use the ldap-related modules for user authentication configured in /etc/prosody/conf.d/ldap.cfn.lua. Here is my working ldap.cfn.lua (I removed usernames and passwords and replaced them with *):

    -- Authentication configuration --
    authentication = 'ldap2'
    ldap = {
        hostname = 'my.ldap.server.org',
        --use_tls = true,
        bind_dn = 'CN=ldap,OU=user,OU=my,DC=company,DC=org',
        bind_password = '***',
        user = {
            basedn = 'ou=workers,ou=location1,dc=my,dc=company,dc=org',
            filter = 'sAMAccountName=*',
            usernamefield = 'sAMAccountName',
            namefield = 'cn',
        },
    }

I have several locations within my AD (evolved historically) and I need to query them too. How can I specify more than one basedn parameter? Here is what I tried so far without positive results (mere guesses).

    user = {
        basedn = 'ou=workers,ou=location1,dc=my,dc=company,dc=org',
                 'ou=workers,ou=location2,dc=my,dc=company,dc=org',
        filter = ...
        ...
    },

    user = {
        basedn = '(ou=workers,ou=location1,dc=my,dc=company,dc=org,ou=workers,ou=location2,dc=my,dc=company,dc=org)',
        filter = ...
        ...
    },

Thanks!
Luckily I've figured out another solution in the meantime:
In my case it's not necessary to query multiple OUs within the AD. It's sufficient to query the very root of my AD and filter for every Domain User.
This site gave valuable hints: https://ldapwiki.com/wiki/Domain%20Users
Here is my working config:

    authentication = 'ldap2'
    ldap = {
        hostname = 'my.ldap.server.org',
        --use_tls = true,
        bind_dn = 'CN=ldap,OU=user,OU=my,DC=company,DC=org',
        bind_password = '***',
        user = {
            basedn = 'dc=my,dc=company,dc=org',
            filter = '(primaryGroupID=513)',
            usernamefield = 'sAMAccountName',
            namefield = 'cn',
        },
    }
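
An added example, not part of the original posts and not Prosody code: a small Python model over constructed directory entries that compares who is in scope for the per-OU search from the question, the root-level `(primaryGroupID=513)` search from the answer, and a tighter filter that also excludes disabled accounts using the AD bitwise-AND matching rule. The entry names, the `svc-backup` account and the `search` helper are assumptions for illustration; it generalizes the question by modelling one search per base DN with merged results.

```python
# Constructed sample entries (not from a real directory): DN -> attributes.
ENTRIES = {
    "cn=Alice,ou=workers,ou=location1,dc=my,dc=company,dc=org":
        {"sAMAccountName": "alice", "primaryGroupID": 513, "userAccountControl": 512},
    "cn=Bob,ou=workers,ou=location2,dc=my,dc=company,dc=org":
        {"sAMAccountName": "bob", "primaryGroupID": 513, "userAccountControl": 512},
    # 514 = normal account (512) + ACCOUNTDISABLE (2)
    "cn=Carol,ou=workers,ou=location2,dc=my,dc=company,dc=org":
        {"sAMAccountName": "carol", "primaryGroupID": 513, "userAccountControl": 514},
    # Hypothetical service account outside the workers OUs
    "cn=svc-backup,ou=service,dc=my,dc=company,dc=org":
        {"sAMAccountName": "svc-backup", "primaryGroupID": 513, "userAccountControl": 512},
    # Computer account: primary group 515 (Domain Computers)
    "cn=PC01,ou=computers,dc=my,dc=company,dc=org":
        {"sAMAccountName": "PC01$", "primaryGroupID": 515, "userAccountControl": 4096},
}
ROOT = "dc=my,dc=company,dc=org"
WORKER_OUS = ["ou=workers,ou=location1," + ROOT, "ou=workers,ou=location2," + ROOT]
ACCOUNTDISABLE = 0x2  # userAccountControl flag bit


def in_subtree(dn, base):
    """Subtree scope: the entry is the base itself or lies below it."""
    dn, base = dn.lower(), base.lower()
    return dn == base or dn.endswith("," + base)


def search(bases, matches):
    """Model one subtree search per base DN and merge the logins found."""
    return sorted({attrs["sAMAccountName"] for dn, attrs in ENTRIES.items()
                   if any(in_subtree(dn, b) for b in bases) and matches(attrs)})


def any_account(attrs):            # models filter sAMAccountName=*
    return "sAMAccountName" in attrs


def domain_user(attrs):            # models filter (primaryGroupID=513)
    return attrs["primaryGroupID"] == 513


def enabled_domain_user(attrs):
    # models (&(primaryGroupID=513)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
    return domain_user(attrs) and not attrs["userAccountControl"] & ACCOUNTDISABLE


if __name__ == "__main__":
    print("question scope:", search(WORKER_OUS, any_account))
    print("answer scope:  ", search([ROOT], domain_user))
    print("enabled only:  ", search([ROOT], enabled_domain_user))
    print("OUs + enabled: ", search(WORKER_OUS, enabled_domain_user))
```

In this model the root-level search also returns `svc-backup`, an account the per-OU scope never exposed, so widening the base DN is worth pairing with a filter that names exactly who should be able to log in.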