1 Reply Latest reply on Dec 18, 2013 4:31 AM by Maciej Swiderski

    JBPM 6.0.0 + LDAP (Active Directory)

    Ezequiel Santana Newbie

      I hope that this post can help someone.

      We spent a couple of hours trying to make it work.

       

      ldap.bind.user=user distinguished name

      ldap.bind.pwd=<password>

      ldap.user.ctx=<>

      ldap.role.ctx=<>

      ldap.user.roles.ctx=<>

      ldap.user.filter=(sAMAccountName={0})                 

      ldap.role.filter=(&(ObjectClass=group)(sAMAccountName={0}))   

      ldap.user.roles.filter=(member:1.2.840.113556.1.4.1941:={0})  *

      ldap.user.id.dn=false

      ldap.user.attr.id=sAMAccountName

      java.naming.provider.url=ldap://<url>:3268

       

      *From http://stackoverflow.com/questions/9945518/can-ldap-matching-rule-in-chain-return-subtree-search-results-with-attributes

       

      We also had to customize LDAPUserGroupCallbackImpl to set the search scope to SubTree.

      jbpm/jbpm-human-task/jbpm-human-task-core/src/main/java/org/jbpm/services/task/identity/LDAPUserGroupCallbackImpl.java a…

       

      // SUBTREE_SCOPE = 2

      SearchControls constraints = new SearchControls(SearchControls.SUBTREE_SCOPE, 0, 0, null, false, false);

       

      Regards,
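
Added example, not part of the original post and not jBPM code: a stand-alone JNDI check that reads the properties listed above and runs the user lookup and the nested-group lookup with subtree scope, so the settings can be verified before deploying. The class name LdapSettingsCheck and its two command-line arguments are hypothetical, a reachable directory is required, and it assumes {0} in ldap.user.roles.filter stands for the user's DN.

```java
import java.io.FileInputStream;
import java.util.Hashtable;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

// Added example (not jBPM code). Usage: java LdapSettingsCheck <file.properties> <sAMAccountName>
public class LdapSettingsCheck {
    public static void main(String[] args) throws Exception {
        Properties p = new Properties();
        try (FileInputStream in = new FileInputStream(args[0])) { p.load(in); }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // A simple bind over ldap:// sends the password unencrypted; prefer ldaps:// where available.
        env.put(Context.PROVIDER_URL, p.getProperty("java.naming.provider.url"));
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, p.getProperty("ldap.bind.user"));
        env.put(Context.SECURITY_CREDENTIALS, p.getProperty("ldap.bind.pwd"));
        // Same scope as the customization in the post: search the whole subtree.
        SearchControls subtree = new SearchControls();
        subtree.setSearchScope(SearchControls.SUBTREE_SCOPE);
        subtree.setReturningAttributes(new String[0]); // only the entry names are needed
        DirContext ctx = new InitialDirContext(env);
        try {
            // JNDI escapes filter arguments before they replace {0}, so a login name cannot alter the filter.
            NamingEnumeration<SearchResult> users = ctx.search(p.getProperty("ldap.user.ctx"),
                    p.getProperty("ldap.user.filter"), new Object[] {args[1]}, subtree);
            if (!users.hasMore()) {
                System.out.println("No entry matches ldap.user.filter for " + args[1]);
                return;
            }
            String userDn = users.next().getNameInNamespace();
            System.out.println("User DN: " + userDn);
            // Assumption: {0} in ldap.user.roles.filter is the user's DN (member holds DNs).
            NamingEnumeration<SearchResult> groups = ctx.search(p.getProperty("ldap.user.roles.ctx"),
                    p.getProperty("ldap.user.roles.filter"), new Object[] {userDn}, subtree);
            while (groups.hasMore()) {
                System.out.println("Group: " + groups.next().getNameInNamespace());
            }
        } finally {
            ctx.close();
        }
    }
}
```

If the user is found but no groups are printed, check ldap.user.roles.ctx and the service account's read permissions before changing the filter.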