Modify the getUserlist() fonction to use ldap filter

I have an openldap directory with several thousand of accounts.
so when I try to use the ldap authentification in Librenms, it does not work.

After several hours of work, I found this solution (add an ldap filter to limit the number of results) :

  1. I have added $config[‘auth_ldap_Userlist_filter’] = ‘service=informatique’; in the config.php
  2. I have modified the source code of the getUserlist() function in the file librenms/LibreNMS/Authentication/LdapAuthorizer.php like this :

$filter = ‘(’ . Config::get(‘auth_ldap_prefix’) . ‘*)’;
if (Config::get(‘auth_ldap_Userlist_filter’) != NULL) {
$filter = ‘(’ . Config::get(‘auth_ldap_Userlist_filter’) . ‘)’;
}

Now with this modification, the ldap authentification working fine.

So could you add the ‘auth_ldap_Userlist_filter’ in the config.php and proceed of the modification of the source code of the getUserlist() function in the next release of Librenms ?

Thanks a lot

You should submit your code in github as pull requests.

I have done a pull request this morning :smiley:

Thanks for your help.

Hello @Frederic_CREMOUX

I have a pull request about LDAP. Could you test that there is no regression ?

In order to test the code, assuming app is in /opt/librenms :
cp -p /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php.old
wget https://raw.githubusercontent.com/louis-oui/librenms/ldap/LibreNMS/Authentication/LdapAuthorizer.php -O /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php

To revert change :
cp -p /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php.old /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php

1 Like

There are scripts to test PRs: ./scripts/github-apply 10760 and ./scripts/github-remove

erratum ./scripts/github-apply 10760 to test.
Thanks