Major We are trying to link Nuxeo with an Active Directory server. Both userDirectory and groupDirectory work well but it is currently impossible to list the groups the user is a member of.
The source of the problem was tracked down to the pseudoNormalizeDn method:
protected static String pseudoNormalizeDn(String dn)
{ // this method does not respect the LDAP DN RFCs // but this is enough to compare our base dns in getLdapTargetIds dn = dn.replaceAll(", ", ","); return dn.toLowerCase(); }The problem is caused by the fact that the target Active Directory is configured to use [lastname], [firstname] as the CN as opposed to the more traditional [firstname] [lastname]. That, and pseudoNormalizeDn, means that DN like cn=tremblay,jean-jacques,dc=ldap,dc=example,dc=com are being searched by Nuxeo instead of cn=tremblay\, jean-jacques,dc=example,dc=com.
I believe using javax.naming functions instead of custom parsing with strings would suit Nuxeo better and serve a more reliable behavior in the long run.
