diff --git a/README.md b/README.md index d209055..eb0d782 100644 --- a/README.md +++ b/README.md @@ -68,8 +68,6 @@ LDAP_BINDDN: ou=someunit,ou=people,dc=DOMAIN,dc=TLS # By default tries to bind directly with the ldap user - this user has to be in the LDAP GROUP # you have to set a group filter a minimal groupfilter would be: '(objectClass=person)' LDAP_GROUP_FILTER: '(memberof=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)' -# if user is in ADMIN_GROUP on user creation (2 first login) it sets isAdmin to true. -LDAP_ADMIN_GROUP_FILTER: '(memberof=cn=ADMINGROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)' LDAP_CONTACTS: 'true' ``` diff --git a/docker-compose.yml b/docker-compose.yml index 27d3081..ae02893 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -48,8 +48,6 @@ services: LDAP_BINDDN: ou=someunit,ou=people,dc=DOMAIN,dc=TLS # By default tries to bind directly with the ldap user - this user has to be in the LDAP GROUP LDAP_GROUP_FILTER: '(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)' - # if user is in ADMIN_GROUP on user creation (first login) isAdmin is set to true. - LDAP_ADMIN_GROUP_FILTER: '(memberof=cn=ADMINGROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)' LDAP_CONTACTS: 'false' # Same property, unfortunately with different names in diff --git a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js index 8263a83..f4d6de9 100644 --- a/ldap-overleaf-sl/sharelatex/AuthenticationManager.js +++ b/ldap-overleaf-sl/sharelatex/AuthenticationManager.js @@ -305,9 +305,9 @@ const AuthenticationManager = { await client.unbind(); return callback(null, null) } - try { // if admin filter is set - only set admin for user in ldap group + // does not matter - admin is deactivated: managed through ldap if (process.env.LDAP_ADMIN_GROUP_FILTER) { const adminfilter = '(&' + process.env.LDAP_ADMIN_GROUP_FILTER + '(uid=' + uid + '))' adminEntry = await client.search(ldap_base, {