Stikked
LDAP Auth Role Issues
Hello!
I have just a clarifying question pertaining to LDAP auth - it seems that I can't figure out how to properly assign roles and groups in auth_ldap.php. This is what I currently have:
```php
$config['hosts'] = array('ad.domain.com');
$config['ports'] = array(389);
$config['basedn'] = 'CN=Users,DC=ad,DC=domain,DC=com';
$config['login_attribute'] = 'cn';
$config['proxy_user'] = 'CN=Administrator,CN=Users,DC=ad,DC=domain,DC=com';
$config['proxy_pass'] = 'password';
$config['roles'] = array(1 => 'User', 3 => 'Power User', 5 => 'Administrator');
$config['member_attribute'] = 'memberOf';
$config['auditlog'] = 'application/logs/audit.log'; // Some place to log attempted logins (separate from message log)
```
I can confirm that binding is working. This is what I get in the log:
```
DEBUG - 2020-09-09 03:52:53 --> Successfully bound to directory. Performing dn lookup for username
INFO - 2020-09-09 03:52:53 --> username has no role to play.
```
How exactly do I configure roles and member_attribute? I apologize if this information is available - I promise I searched a decent bit.
Thanks!
@BrandenEsses according to https://github.com/gwojtak/Auth_Ldap#roles, what the number points to is the name of a group that the Auth_Ldap library tries to access and then look for the authenticated user, using the 'member_attribute' attribute.
That said, looking through the code, it doesn't look like Stikked takes any advantage of this functionality at all. I don't think Stikked has any concept of roles - it is purely a feature that the Auth_Ldap library offers, but Stikked cannot use.
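The lookup direction described in the reply above (role number, then group name, then a search of that group's member attribute for the user), as an added example that is not part of the thread and is not Auth_Ldap or Stikked code. The helper names, the "highest level wins" rule, the DN comparison and all directory data are assumptions made for illustration; it contrasts a group-side attribute (`member`) with a user-side attribute name (`memberOf`) and returns null when nothing matches, so an unmatched user gets no role.

```php
<?php
// Added example; not Auth_Ldap or Stikked code. All directory data is constructed.

// Same shape as $config['roles'] in the question: level => group name.
$roles = array(1 => 'User', 3 => 'Power User', 5 => 'Administrator');

// Constructed stand-ins for group entries as an AD-style directory might return them.
// 'member' lists the DNs in the group; 'memberOf' lists groups this group belongs to.
$groups = array(
    'User' => array(
        'member'   => array('CN=jdoe,CN=Users,DC=ad,DC=domain,DC=com'),
        'memberOf' => array(),
    ),
    'Power User' => array(
        'member'   => array('cn=JDoe, cn=Users, dc=ad, dc=domain, dc=com'),
        'memberOf' => array('CN=User,CN=Users,DC=ad,DC=domain,DC=com'),
    ),
    'Administrator' => array(
        'member'   => array('CN=root,CN=Users,DC=ad,DC=domain,DC=com'),
        'memberOf' => array(),
    ),
);

// Hypothetical helper: case-insensitive DN comparison key.
// Simplified: does not handle escaped commas inside RDN values.
function normalize_dn($dn) {
    return strtolower(implode(',', array_map('trim', explode(',', $dn))));
}

// Hypothetical helper: highest level whose group lists $userDn under
// $memberAttribute, or null when nothing matches (fail closed: no role).
function resolve_role(array $roles, array $groups, $memberAttribute, $userDn) {
    $needle = normalize_dn($userDn);
    $best = null;
    foreach ($roles as $level => $groupName) {
        $values = isset($groups[$groupName][$memberAttribute])
            ? $groups[$groupName][$memberAttribute] : array();
        foreach ($values as $value) {
            if (normalize_dn($value) === $needle && ($best === null || $level > $best)) {
                $best = $level;
            }
        }
    }
    return $best;
}

$user = 'CN=jdoe,CN=Users,DC=ad,DC=domain,DC=com';
echo var_export(resolve_role($roles, $groups, 'member', $user), true), PHP_EOL;   // group-side attribute
echo var_export(resolve_role($roles, $groups, 'memberOf', $user), true), PHP_EOL; // user-side attribute name
```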