Does ldap groups work with openldap? #10399

New Issue

Closed

opened 2025-11-02 09:06:30 -06:00 by GiteaMirror · 3 comments

GiteaMirror commented 2025-11-02 09:06:30 -06:00

Owner

Copy Link

Originally created by @night-gold on GitHub (Mar 8, 2023).

Description

I'm trying to link groups to gitea organization/teams.

For tests purposes I tried to link the ldap admins to a test "Admins" organization with an "Admins" team that I created.

Users synchronisation is working so I thought this option should work as well but I can't really found any clear description of this feature or how I should fill it, you never know I may be doing something wrong. My current configuration look like that:

Currently the logs look like that when I try so synchronise:
Failed group search using filter[(member=UIDVALUEOFUSER)]: LDAP Result Code 34 "Invalid DN Syntax": invalid DN

I have seen some strange things like people adding a plugin (memberof) to their openldap to make something works, not sure it applies in that case, can't find a definitive doc about that.
There is also a script to force the sync outside of gitea conf: gitea-group-sync but from what I can read in it... seems like it's not compatible with the gitea API after the version 1.16.x ...

It's a bit confusing and I don't know what I should be using to synchronise my ldap groups.

I may have miss a doc hidden somewhere and if that is the case I'm sorry but I can't find an answer currently.

Gitea Version

1.17.3

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

2.30.2

Operating System

Debian

How are you running Gitea?

We are running the gitea package downloaded from dl.gitea.io and are using systemd to run it as a service.

Database

PostgreSQL

Originally created by @night-gold on GitHub (Mar 8, 2023). ### Description I'm trying to link groups to gitea organization/teams. For tests purposes I tried to link the ldap admins to a test "Admins" organization with an "Admins" team that I created. Users synchronisation is working so I thought this option should work as well but I can't really found any clear description of this feature or how I should fill it, you never know I may be doing something wrong. My current configuration look like that:  Currently the logs look like that when I try so synchronise: ` Failed group search using filter[(member=UIDVALUEOFUSER)]: LDAP Result Code 34 "Invalid DN Syntax": invalid DN` I have seen some strange things like people adding a plugin (memberof) to their openldap to make something works, not sure it applies in that case, can't find a definitive doc about that. There is also a script to force the sync outside of gitea conf: [gitea-group-sync](https://github.com/gitea-group-sync/gitea-group-sync) but from what I can read in it... seems like it's not compatible with the gitea API after the version 1.16.x ... It's a bit confusing and I don't know what I should be using to synchronise my ldap groups. I may have miss a doc hidden somewhere and if that is the case I'm sorry but I can't find an answer currently. ### Gitea Version 1.17.3 ### Can you reproduce the bug on the Gitea demo site? No ### Log Gist _No response_ ### Screenshots _No response_ ### Git Version 2.30.2 ### Operating System Debian ### How are you running Gitea? We are running the gitea package downloaded from dl.gitea.io and are using systemd to run it as a service. ### Database PostgreSQL

GiteaMirror added the issue/needs-feedback label 2025-11-02 09:06:30 -06:00

GiteaMirror closed this issue 2025-11-02 09:06:31 -06:00

GiteaMirror commented 2025-11-02 09:06:31 -06:00

Author

Owner

Copy Link

@svenseeberg commented on GitHub (Mar 24, 2023):

In Gitea 1.19 the group sync does not seem to work at all. I cannot see any queries related to the group sync in my OpenLDAP logs. However, the admin group sync seems to work. I'll investigate a little.

*edit: my problem is actually #23615

@svenseeberg commented on GitHub (Mar 24, 2023): In Gitea 1.19 the group sync does not seem to work at all. I cannot see any queries related to the group sync in my OpenLDAP logs. However, the admin group sync seems to work. I'll investigate a little. *edit: my problem is actually #23615

GiteaMirror commented 2025-11-02 09:06:31 -06:00

Author

Owner

Copy Link

@wxiaoguang commented on GitHub (Apr 23, 2023):

OpenLDAP is a standard LDAP server so Gitea should work with it.

1.17 is quite old and new Gitea has fixed a lot of LDAP related bugs. Could you try the latest version?

@wxiaoguang commented on GitHub (Apr 23, 2023): OpenLDAP is a standard LDAP server so Gitea should work with it. 1.17 is quite old and new Gitea has fixed a lot of LDAP related bugs. Could you try the latest version?

GiteaMirror commented 2025-11-02 09:06:32 -06:00

Author

Owner

Copy Link

@wxiaoguang commented on GitHub (May 2, 2023):

Feel free to reopen if there is still any problem.

@wxiaoguang commented on GitHub (May 2, 2023): Feel free to reopen if there is still any problem.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

release/v1.25

release/v1.24

release/v1.23

release/v1.22

release/v1.21

release/v1.20

release/v1.19

release/v1.18

release/v1.17

release/v1.16

release/v1.15

release/v1.14

release/v1.13

release/v1.12

release/v1.11

release/v1.10

release/v1.9

release/v1.8

v1.25.3

v1.25.2

v1.25.1

v1.25.0

v1.24.7

v1.25.0-rc0

v1.26.0-dev

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

v1.24.0

v1.23.8

v1.24.0-rc0

v1.25.0-dev

v1.23.7

v1.23.6

v1.23.5

v1.23.4

v1.23.3

v1.23.2

v1.23.1

v1.23.0

v1.23.0-rc0

v1.24.0-dev

v1.22.6

v1.22.5

v1.22.4

v1.22.3

v1.22.2

v1.22.1

v1.22.0

v1.23.0-dev

v1.22.0-rc1

v1.21.11

v1.22.0-rc0

v1.21.10

v1.21.9

v1.21.8

v1.21.7

v1.21.6

v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.20.6

v1.21.1

v1.21.0

v1.21.0-rc2

v1.21.0-rc1

v1.20.5

v1.22.0-dev

v1.21.0-rc0

v1.20.4

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.4

v1.21.0-dev

v1.20.0-rc2

v1.20.0-rc1

v1.20.0-rc0

v1.19.3

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc1

v1.20.0-dev

v1.19.0-rc0

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.17.4

v1.18.0-rc1

v1.19.0-dev

v1.18.0-rc0

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.17.0-rc2

v1.16.9

v1.17.0-rc1

v1.18.0-dev

v1.16.8

v1.16.7

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.11

v1.17.0-dev

v1.16.0-rc1

v1.15.10

v1.15.9

v1.15.8

v1.15.7

v1.15.6

v1.15.5

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.14.7

v1.15.0

v1.15.0-rc3

v1.14.6

v1.15.0-rc2

v1.14.5

v1.16.0-dev

v1.15.0-rc1

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.7

v1.14.0-rc2

v1.13.6

v1.13.5

v1.14.0-rc1

v1.15.0-dev

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.6

v1.13.0-rc2

v1.14.0-dev

v1.13.0-rc1

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.11.8

v1.12.0

v1.11.7

v1.12.0-rc2

v1.11.6

v1.12.0-rc1

v1.13.0-dev

v1.11.5

v1.11.4

v1.11.3

v1.10.6

v1.12.0-dev

v1.11.2

v1.10.5

v1.11.1

v1.10.4

v1.11.0

v1.11.0-rc2

v1.10.3

v1.11.0-rc1

v1.10.2

v1.10.1

v1.10.0

v1.9.6

v1.9.5

v1.10.0-rc2

v1.11.0-dev

v1.10.0-rc1

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc2

v1.10.0-dev

v1.9.0-rc1

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc3

v1.7.6

v1.8.0-rc2

v1.7.5

v1.8.0-rc1

v1.9.0-dev

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.7.0-rc3

v1.6.4

v1.7.0-rc2

v1.6.3

v1.7.0-rc1

v1.7.0-dev

v1.6.2

v1.6.1

v1.6.0

v1.6.0-rc2

v1.5.3

v1.6.0-rc1

v1.6.0-dev

v1.5.2

v1.5.1

v1.5.0

v1.5.0-rc2

v1.5.0-rc1

v1.5.0-dev

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.4.0-rc3

v1.4.0-rc2

v1.3.3

v1.4.0-rc1

v1.3.2

v1.3.1

v1.3.0

v1.3.0-rc2

v1.3.0-rc1

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.2.0-rc3

v1.2.0-rc2

v1.1.4

v1.2.0-rc1

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.2

v1.0.1

v1.0.0

v0.9.99

Labels

Clear labels

$20

$250

$50

$500

backport/done

💎 Bounty

docs-update-needed

good first issue

hacktoberfest

issue/bounty

issue/confirmed

issue/critical

issue/duplicate

issue/needs-feedback

issue/not-a-bug

issue/regression

issue/stale

issue/workaround

lgtm/need 2

modifies/api

modifies/translation

outdated/backport/v1.18

outdated/theme/markdown

outdated/theme/timetracker

performance/bigrepo

performance/cpu

performance/memory

performance/speed

pr/breaking

proposal/accepted

proposal/rejected

pr/wip

pull-request

Mirrored from GitHub Pull Request

reviewed/wontfix

💰 Rewarded

skip-changelog

status/blocked

topic/accessibility

topic/api

topic/authentication

topic/build

topic/code-linting

topic/commit-signing

topic/content-rendering

topic/deployment

topic/distribution

topic/federation

topic/gitea-actions

topic/issues

topic/lfs

topic/mobile

topic/moderation

topic/packages

topic/pr

topic/projects

topic/repo

topic/repo-migration

topic/security

topic/theme

topic/ui

topic/ui-interaction

topic/ux

topic/webhooks

topic/wiki

type/bug

type/deprecation

type/docs

type/enhancement

type/feature

type/miscellaneous

type/proposal

type/question

type/refactoring

type/summary

type/testing

type/upstream

No Label issue/needs-feedback

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#10399