Trying the Dev team for help.
From: Samudrala, Vamshi Bhargav <[email protected]>
Date: Tuesday, 7 September 2021 at 12:24 AM
To: [email protected] <[email protected]>
Subject: Unable to view LDAP group members
Hello there,
I’ve set up NiFi to use our organization’s LDAP. I’m able to see the groups
with the current configuration but I’m unable to see the members in it. I’m
actually able to see the members when I specify the full group name but not
with a regex. I’ve tried multiple combinations over the last few days but
haven’t been able to get it working. Hoping to find the answers here.
The conf that works:
<property name="User Search Base">DC=xxxxxx,DC=com</property>
<property name="User Object Class">person</property>
<property name="User Search Scope">SUBTREE</property>
<property name="User Search
Filter">(memberOf=CN=NIFI_GROUP_NAME,OU=Groups,OU=ISO,DC=xxxxx,DC=com)</property>
<property name="User Identity Attribute">sAMAccountName</property>
<property name="User Group Name Attribute"></property>
<property name="User Group Name Attribute - Referenced Group
Attribute"></property>
<property name="Group Search Base">DC=xxxxx,DC=com</property>
<property name="Group Object Class">group</property>
<property name="Group Search Scope">SUBTREE</property>
<property name="Group Search Filter">(cn=NIFI*)</property>
<property name="Group Name Attribute">sAMAccountName</property>
<property name="Group Member Attribute">member</property>
<property name="Group Member Attribute - Referenced User
Attribute"></property>
I see all the groups whose name start with NIFI. I see the group name in the
users’ Member Of list and the users in the group’s Members list on the NiFi UI
for the NIFI_GROUP_NAME group and not others. The below doesn’t work though. I
want to see all the groups and members if the groups whose name starts with
NIFI. The only change I made is in the User Search Filter and included a
wildcard.
<property name="User Search Base">DC=xxxxxx,DC=com</property>
<property name="User Object Class">person</property>
<property name="User Search Scope">SUBTREE</property>
<property name="User Search
Filter">(memberOf=CN=NIFI_*OU=Groups,OU=ISO,DC=xxxxx,DC=com)</property>
<property name="User Identity Attribute">sAMAccountName</property>
<property name="User Group Name Attribute"></property>
<property name="User Group Name Attribute - Referenced Group
Attribute"></property>
<property name="Group Search Base">DC=xxxxx,DC=com</property>
<property name="Group Object Class">group</property>
<property name="Group Search Scope">SUBTREE</property>
<property name="Group Search Filter">(cn=NIFI*)</property>
<property name="Group Name Attribute">sAMAccountName</property>
<property name="Group Member Attribute">member</property>
<property name="Group Member Attribute - Referenced User
Attribute"></property>
I see the group names but not the members.
Thanks,
Vamshi
