mirror of
https://github.com/hashicorp/vault.git
synced 2026-04-01 15:15:01 -04:00
005cb3e042
-------------------------- Added new configuration option to ldap auth backend - groupfilter. GroupFilter accepts a Go template which will be used in conjunction with GroupDN for finding the groups a user is a member of. The template will be provided with context consisting of UserDN and Username. Simplified group membership lookup significantly to support multiple use-cases: * Enumerating groups via memberOf attribute on user object * Previous default behavior of querying groups based on member/memberUid/uniqueMember attributes * Custom queries to support nested groups in AD via LDAP_MATCHING_RULE_IN_CHAIN matchind rule There is now a new configuration option - groupattr - which specifies how to resolve group membership from the objects returned by the primary groupfilter query. Additional changes: * Clarify documentation for LDAP auth backend. * Reworked how default values are set, added tests * Removed Dial from LDAP config read. Network should not affect configuration. |
||
|---|---|---|
| .. | ||
| assets | ||
| docs | ||
| intro | ||
| layouts | ||
| .gitignore | ||
| 404.html.erb | ||
| _ember_steps.html.erb | ||
| _ember_templates.html.erb | ||
| community.html.erb | ||
| downloads.html.erb | ||
| index.html.erb | ||
| robots.txt | ||
| security.html.erb | ||
| sitemap.xml.builder | ||