...
There could be multiple entries for this attribute, one for each of its members. By default, the LDAP authentication provider assumes "member" to search for users. To alter this default, set a value/key for property for the provider to accurately search for group members.
hive.
...
server2.authentication.ldap.groupClassKey
This value represents the LDAP objectClass each of the groups implements in LDAP. By default, the LDAP Authentication provider uses "groupOfNames" in its search for groups. (Available starting in version 2.1.0.)
...
dn:uid=testGroup,ou=Groups,dc=domain,dc=com
objectClass: group
objectClass: top
memberUid: uid=testUser1,ou=Users,dc=domain,dc=com
memberUid: uid=testUser2,ou=Users,dc=domain,dc=com
cn: HiveUserGroup
Code Block | ||
---|---|---|
| ||
<property> <name>hive.server2.authentication.ldap.groupMembershipKey</name> <value>memberUid</value> </property> <property> <name>hive.server2.authentication.ldap.groupClassKey</name> <value>group</value> </property> |
...