Problems migrating from OpenLDAP to Active Directory

Infos:

  • Used Zammad version: 5.0.3
  • Used Zammad installation type: package
  • Operating system: Alma Linux 8
  • Browser + version: Chrome 98

I’ve reconfigured LDAP integration to our new Active Directory (previous configuration was for OpenLDAP), by redoing the confiuration wizard. Users have the same ID but stored on different LDAP attribute (uid in LDAP, sAMAccountName in AD). Groups were not used in LDAP, I was going to use them in AD.

Expected behavior:

  • Users imported with same Login
  • AD Groups can be used to attach Zammad roles

Actual behavior:

  • Users were not imported (log says ERROR – : key not found: “uid” (KeyError))
  • AD Groups cannot be used to attach Zammad roles

Steps to reproduce the behavior:

  • Configure LDAP integration against a OpenLDAP server
  • Import users
  • Reconfigure LDAP integration againsta a AD server
  • Import users

More info

I was able to solve the first problem by changing the UID attribute from console:

Setting.get(‘ldap_config’)[‘user_uid’]
=> “uid”

Setting.set(‘ldap_config’, Setting.get(‘ldap_config’).merge(‘user_uid’ => ‘objectguid’))

Regarding the second point, seesm that Zammad is still searching for objects of class groupOfUniqueNames instead of group

I was able to fix the behaviour by using this command in console:

Setting.set(‘ldap_config’, Setting.get(‘ldap_config’).merge(‘group_filter’ => ‘(objectClass=group)’))

1 Like