From dd11c02b6a98570e812b9f8e922ecf5fc436c62e Mon Sep 17 00:00:00 2001 From: Margo Crawford Date: Fri, 11 Feb 2022 12:06:16 -0800 Subject: [PATCH] Add back entries because I think it's actually necessary --- internal/upstreamldap/upstreamldap.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/internal/upstreamldap/upstreamldap.go b/internal/upstreamldap/upstreamldap.go index 05b25566..c1f14fb7 100644 --- a/internal/upstreamldap/upstreamldap.go +++ b/internal/upstreamldap/upstreamldap.go @@ -464,6 +464,7 @@ func (p *Provider) searchGroupsForUserDN(conn Conn, userDN string) ([]string, er } groups := []string{} +entries: for _, groupEntry := range searchResult.Entries { if len(groupEntry.DN) == 0 { return nil, fmt.Errorf(`searching for group memberships for user with DN %q resulted in search result without DN`, userDN) @@ -474,6 +475,7 @@ func (p *Provider) searchGroupsForUserDN(conn Conn, userDN string) ([]string, er return nil, fmt.Errorf("error finding groups for user %s: %w", userDN, err) } groups = append(groups, overrideGroupName) + continue entries } // if none of the overrides matched, use the default behavior (no mapping) mappedGroupName, err := p.getSearchResultAttributeValue(groupAttributeName, groupEntry, userDN)