Hello everyone,

I want to map some specific users to admin roles with LDAP login.
For example, this is what I got from ldapsearch:

# user_name, department, Company, Company, company, company.com
dn: CN=user_name,OU=department_name,OU=Company,OU=Company,OU=company,DC=company,DC=com

I want this user to become admin.

Or how to map *OU=department_name* to admin role?

I tried both of the following, but neither worked.

> - ldapRealm.rolesByGroup = user_name: admin
> - ldapRealm.rolesByGroup = department_name: admin


WARN [2021-03-29 15:25:40,515] ({qtp1595282218-17}
LdapRealm.java[getRoles]:325) - Failed to get roles in current context for
*user_name* javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error,
data 52e, v2580]

*shiro.ini*

> [main]
> ldapRealm = org.apache.zeppelin.realm.LdapRealm
> ldapRealm.contextFactory.systemUsername=cn=user_name,dc=domain,dc=com
> ldapRealm.contextFactory.systemPassword=password
> ldapRealm.contextFactory.authenticationMechanism=simple
> ldapRealm.contextFactory.url=ldap://ldap_server:389
> ldapRealm.authorizationEnabled=true
> #ldapRealm.pagingSize = 20000
> ldapRealm.userSearchAttributeName = uid
> ldapRealm.userSearchScope = subtree
> ldapRealm.groupSearchScope = subtree
> ldapRealm.memberAttribute = member
> ldapRealm.memberAttributeValueTemplate=(name={0})
> ldapRealm.groupSearchEnableMatchingRuleInChain = true
> ldapRealm.rolesByGroup = user_name: admin


Regards,
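
The warning quoted in the post is an Active Directory bind failure: LDAP result code 49 with a hex Win32 error in the `data` field (`52e` is 1326, logon failure). The script below is an added example, not part of the original message or of Zeppelin; it reassembles wrapped log records and decodes that sub-code. The names `join_records` and `triage` and the second sample record are constructed for illustration.

```python
import re

# AD reports why a result-code-49 bind failed as a hex Win32 error in "data".
AD_SUBCODES = {
    "525": "user not found", "52e": "invalid credentials",
    "530": "logon hours restriction", "531": "workstation restriction",
    "532": "password expired", "533": "account disabled",
    "701": "account expired", "773": "user must reset password",
    "775": "account locked out",
}
RECORD_START = re.compile(r"^\s*(TRACE|DEBUG|INFO|WARN|ERROR)\s+\[\d{4}-\d{2}-\d{2} ")
ROLE_BIND_FAILURE = re.compile(
    r"\[(?P<ts>[\d\- :,]+)\].*?Failed to get roles in current context for\s+\*?"
    r"(?P<user>[^\s*]+).*?LDAP: error code (?P<code>\d+).*?data (?P<data>[0-9a-fA-F]+),")

def join_records(lines):
    """Re-assemble log records that were wrapped across several lines."""
    record = []
    for line in lines:
        if RECORD_START.match(line) and record:
            yield " ".join(record)
            record = []
        if line.strip():
            record.append(line.strip())
    if record:
        yield " ".join(record)

def triage(log_text):
    """Return one finding per failed role-lookup bind in log_text."""
    findings = []
    for record in join_records(log_text.splitlines()):
        m = ROLE_BIND_FAILURE.search(record)
        if m:
            data = m["data"].lower()
            findings.append({
                "time": m["ts"], "user": m["user"], "ldap_code": int(m["code"]),
                "ad_data": data, "win32_error": int(data, 16),
                "meaning": AD_SUBCODES.get(data, "unknown sub-code")})
    return findings

# First record: the warning from the post. Second record: constructed sample.
SAMPLE = """\
 WARN [2021-03-29 15:25:40,515] ({qtp1595282218-17}
LdapRealm.java[getRoles]:325) - Failed to get roles in current context for
*user_name* javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error,
data 52e, v2580]
 WARN [2021-03-29 15:31:02,101] ({qtp1595282218-21} LdapRealm.java[getRoles]:325) - Failed to get roles in current context for other_user
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error, data 775, v2580]
"""
```

Calling `triage(SAMPLE)` returns one dictionary per failed bind, with the user, the LDAP result code, the decoded sub-code and its meaning.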
