I'm using the ldap_integration module and have both authentication and ldapdata working perfectly. I would like to start leveraging the LDAP groups submodule, however I can't quite seem to get it to work. Currently, here is what I have configured:

(Connecting to Active Directory)

I have checked the "Group by attribute" and have specified the Attribute Name as "memberOf"

If I stop right here, save this, then login with an AD user, it will correctly create 10 roles based on the groups that the user is a member of and assign them to the user.

Now, I don't really want 10 roles assigned to each user, I just want one. I also want to be able to specify what these roles are called.

So here is where I get stuck. I go back to the configuration of LDAP Groups, and in the "LDAP group to Drupal role filtering" section I put "Webmaster|admin" (without quotes), and check the box that says "Use LDAP group to Drupal roles filtering". Webmaster is the AD group that my user is a part of. However, when I log on now, no roles get created or assigned. The Webmaster role did get assigned earlier before filling out anything in the "LDAP group to Drupal role filtering" section. I have tried sever variations of what to put in here (such as the DN of the group), but to no avail.

Does anyone have any tips that could help me troubleshoot this?


bkildow’s picture

I seemed to have figured this out. I needed the full distinguished name, without spaces.

zachatharsis’s picture

So I'm experiencing the exact same issue you were. Below is what I thought to be my distinguished name:
cn=Finance Users,ou=Users,dc=main,dc=hsd2,dc=org|Finance

What am I doing different to where I still cannot get roles created? Any help would be greatly appreciated.


mecvo1984’s picture


Can you provide exactly your settings? It would be helpful to have a visual of successful role mapping page settings as I've been trying to solve this very same problem, it would point me in the right direction with my own configuration and settings. Thanks.