我们在单个用户存储中将WSO2-Identity Server 5.1.0与Active Directory中的多路径连接时遇到问题。
我们在Active Directory中有以下配置:
|- DC=org
|- DC=company
|- DC=users
|- OU=Department1
|- CN=User1
|- CN=User2
|- OU=Department2
|- CN=User3
我创建了一个基于Active Directory的UserStore,可以正确地从Department1获取用户(User1和User2)。现在我想从Department2获得用户而不创建另一个UserStore。
我在“用户搜索库”字段中尝试了以下过滤器而没有成功:
- (及(OU = Department1)(OU = Department2)),DC =用户,DC =公司,DC =组织
- ((|(OU = Department1)(OU = Department2)),DC =用户,DC =公司,DC = ORG)
- (&(OU = Department1,DC = users,DC = company,DC = org)(OU = Department2,DC = users,DC = company,DC = org))
- (|(OU = Department1,DC =用户,DC =公司,DC = ORG)(OU = Department2,DC =用户,DC =公司,DC = ORG))
- OU =(及(Department1)(Department2)),DC =用户,DC =公司,DC =组织
- OU = Department1,DC =用户,DC =公司,DC =组织; OU = Department2,DC =用户,DC =公司,DC =组织
- ((OU = Department1,DC =用户,DC =公司,DC = ORG)(OU = Department2,DC =用户,DC =公司,DC = ORG))
此外,我尝试让所有用户进入“用户搜索库”并为这些用户制作过滤器:
- “用户搜索库”:DC =用户,DC =公司,DC = org
- “用户DN模式”:(&(CN = {0},OU = Department1,DC =用户,DC =公司,DC =组织)(CN = {0},OU = Department2,DC =用户, DC =公司,DC = ORG))(|(CN = {0},OU = Department1,DC =用户,DC =公司,DC = ORG)(CN = {0},OU = Department2,DC =用户,DC =公司,DC = ORG))CN = {0},(|(OU = Department1)(OU = Department2)),DC =用户,DC =公司,DC =组织
有没有办法在没有一个userStore的情况下正确配置?
谢谢!