Multiple roles matching multiple groups #201

Closed
pauldistel opened this issue Apr 16, 2021 · 6 comments

Comments

@pauldistel

I was looking at an older issue which still seems to be an issue: #121

I have multiple roles defined in WP and corresponding groups in Active Directory. Authentication works fine but the administrator account was locked out because the administrator role was replaced by another role. I can prevent that by narrowing down the tree to search in for AD.

The main problem is that roles are deleted and only a default role remains after login of a user which has multiple AD groups assigned.

Is it possible not to have only one, primary or first group in a list matched (difficult to predict which role remains) but process the array of groups for multiple roles being assigned to a user?

@heiglandreas
Owner

Hey @pauldistel: We are currently digging into that to allow not only one role to be matched but multiple roles. You would still need to configure the mapping between the LDAP-roles and the WordPress-Roles though.

I can not give you an ETA for that feature though :-/

@pauldistel
Author

pauldistel commented Apr 16, 2021

I did configure that of course. For almost all roles I have a corresponding AD group setup.

My main purpose is not to validate if a user is allowed to login (that should be a function to be checked or not) but to have those multiple roles automatically assigned so I can use that to determine the behaviour of the site. For example, somebody can be a news editor but also allowed user management. For that I have 2 roles and somebody can be assigned both.

So suggestion to add as functionality:

  • checkbox if all LDAP users should be allowed to login or not (if not, only those who have at least one ldap group assigned should be allowed to login)

  • process all groups for the role assignments by default instead of stopping at the first match just to determine if the user is allowed to login

  • users being authenticated through LDAP (and their settings synced to WP) should not be allowed to change the synced settings in WP because the source of those settings is elsewhere. I added some custom code already but that prevents the whole profile page not being allowed to access (created a role to allow profile editing).

In the group-filter you can narrow down the collection of groups to be processed and prevent many groups from being processed by adding a prefix in the name of groups, for example: (&(objectClass=group)(cn=*)(member=%dn%))
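
The difference between first-match and all-match role resolution, plus the "at least one mapped group" login gate suggested above, as an added example that is not part of the original thread and not authLdap's own code. The function names, the role map and the group names are assumptions constructed for illustration.

```php
<?php
// Added illustration, not authLdap's code. All names and data are constructed.

/** Normalise group names: AD group CNs compare case-insensitively. */
function normalizeGroups(array $groups): array
{
    return array_map('strtolower', array_map('trim', $groups));
}

/**
 * Return every WordPress role whose mapped LDAP groups intersect the
 * user's group memberships, in the order the roles appear in $roleMap.
 * $roleMap is: WordPress role => list of LDAP group names.
 */
function resolveRoles(array $userGroups, array $roleMap): array
{
    $have  = normalizeGroups($userGroups);
    $roles = [];
    foreach ($roleMap as $role => $groups) {
        if (array_intersect(normalizeGroups($groups), $have) !== []) {
            $roles[] = $role;   // keep going: do not stop at the first match
        }
    }
    return $roles;
}

/** First-match behaviour described in the issue: only one role survives. */
function resolveFirstRole(array $userGroups, array $roleMap): ?string
{
    return resolveRoles($userGroups, $roleMap)[0] ?? null;
}

/**
 * Login gate: when $requireGroup is true, a user with no mapped group is
 * rejected instead of silently falling back to a default role.
 */
function mayLogin(array $roles, bool $requireGroup): bool
{
    return !$requireGroup || $roles !== [];
}

// Constructed sample data; 'user_manager' is a hypothetical custom role.
$roleMap = [
    'administrator' => ['WP-Admins'],
    'editor'        => ['WP-NewsEditors'],
    'user_manager'  => ['WP-UserManagers'],
];
$groups = ['wp-newseditors', 'WP-UserManagers', 'Domain Users'];

var_dump(resolveRoles($groups, $roleMap));
var_dump(resolveFirstRole($groups, $roleMap));
var_dump(mayLogin(resolveRoles(['Domain Users'], $roleMap), true));
```

In WordPress, a resolved list like this could be applied with `WP_User::set_role()` for the first role (which replaces all existing roles) and `WP_User::add_role()` for each remaining one.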

@pauldistel
Author

Andreas, in what specific part is that role to group mapping coded? I might do some investigation and checking so I can maybe contribute for a solution?

@heiglandreas
Owner

Check out #200 😉

@pauldistel
Author

Will have a look!!

@heiglandreas
Owner

This has been released since v2.5.4
