Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
ProGet LDAP Group Privileges
-
Using LDAP integration in ProGet, I have the following issues:
- I cannot add privileges for Domain Users, Authenticated Users or Domain Admins.
- I can add Users which I suspect is the local machines group BUT even though Domain Users is a member of this group, access is not granted and I get an error 500.
- Please change this error 500 to a 403 so that we can distinguish between setup issues and authorisation issues.
2 is a show stopper.
I look forward to your replies.
S.
Product: ProGet
Version: 3.1.0
-
I cannot repro this, just tried adding "Domain Users" and "Domain Admins" on our test instance and it worked as expected. Are you saying you can't find them in the user search, or that adding them just does nothing? Also make sure that you've selected a role to assign - if no roles are checked then it will just close the modal and nothing will be added.
-
Scenarios:
In 1-4. I am able to find the individual or group using the Find button/dialog.
1. I add myself as administrator to everything - this works. 2. I add individual colleagues as administrators, developers or read-only - these all work as expected.Next, I remove all the individual privileges added in 2.
3. I add Domain Users as read-only to (any) - does not work. 4. I add Domain Users as read-only to a specific feed - does not work. 5. I cannot find the domain group 'Authenticated Users' using the find dialog.Hope that's clear.
-
In this case, it sounds like the service account has some sort of enumeration problem with groups. This is not uncommon.
As a test, i would suggestto run the ProGet webapp (either in IIS or the hosted web service) with your domain account.
And of course, if you do find out specifically what caused this from the groups/permissions side of things, an update would most certainly be appreciated :)