Hi, I have just found a potential bug in LDAP integration.
LDAP integration does not import the groups as configured in the mapped of module integration, and thus no roles are assigned accordingly.
I tried somehow to view the log to check what is going on in developer mode, but I found nothing useful or related to LDAP in the log.
Could you body help how to debug this? Or maybe fix it?
I can provide access to my ERPNext instance if needed.
Basically I followed this doc to configure LDAP:
Setting up LDAP (frappeframework.com)
APPLICATION VERSION
v14.26.0
HELM CHART VERSIONS
6.0.38
(31 May, 2023)
Here are my settings for the LDAP integration:
I tried also with a single exitence of Domain Users, the same, no roles are assigned as mapped here.
Did you ever find a solution to this i have the same issue
Hi! I had the same error. I examined the code and realized that I was incorrectly specifying ldap roles. I advise you to print what you get from ldap and from erp. This should be done in ldap settings in the sync_roles method. This will give you more insight into how role mapping works.
I also was pretty stuck on LDAPS just refusing to map groups properly which wasnt ideal.
The solution in the end for me was the “LDAP Group Mappings” table, i had entered the DN paths to the groups as their names for example “CN=ERPNext_Admins,OU=Security Groups,OU=MyBusiness,DC=domain,DC=com”. This mightve been obvious to alot of people but it caught me on my first time setting up ERPNext and the solution was literally just specifying the groups by their display name in AD so “ERPNext_Admins” as aposed to the full path. Dont know what i was thinking putting the path as the group name my first go round but incase that trips up anyone else figured id pop this comment up.
