LDAP Tools/Group Mapping

From Authentication Tools for Joomla! (JAuthTools)

Jump to: navigation, search

Group Mapping is a feature of the Sync, SSO and SSI bots that allow users to automatically created and assigned the appropriate privileges to the system. This means that when users are added to groups with in LDAP and then are automatically created on a Joomla! site they will be slotted into the appropriate group. The system uses a prioritization to determine the final Joomla! group membership depending on their LDAP group membership. Unless the LDAP Sync bot is enabled, the system will not alter users accounts and users who do not exist in LDAP will not be altered. Please keep in mind that by default the system will revert a user to registered status. This may cause issues on some systems where 'admin' is a legitimate account (such as Novell).

The map syntax is simple: 

groupMembership;JoomlaGroupID;JoomlaUserType;Priority

Joomla! 1.0 uses a different syntax (the pipe character has a different meaning in Joomla! 1.5): 

groupMembership|JoomlaGroupID|JoomlaUserType|Priority


Here is an example group map: 

cn=JoomlaAdmins,ou=Groups,O=TestSite;25;Super Administrator;20
cn=JoomlaPublishers,ou=Groups,O=TestSite;21;Publisher;100
cn=JoomlaManagers,ou=Groups,O=TestSite;23;Manager;10

Note: In 1.5, the seperator character is a semicolon (e.g. ";") not a pipe character (e.g. "|") due to changes in 1.5 parameter parsing. If you are using 1.0, then make sure that you change the semicolon to a pipe character.

If a user was a member of the JoomlaAdmins group and a member of the JoomlaPublishers group, in this situation they would be given Publisher level access because its priority is higher than the one assigned to the super administrator level. However if they were a member of JoomlaAdmins and JoomlaManagers, they would be assigned Super Admin instead of Manager because of the different priority.

For these values, please consult one of your users groupMembership attributes. This has only been tested on Novell eDirectory and MSAD based systems at present.


This is a list of default Joomla Group ID's and Joomla User Type's:

Joomla Group ID Joomla User Type
29 Public Frontend
18 Registered
19 Author
20 Editor
21 Publisher
30 Public Backend
23 Manager
24 Administrator
25 Super Administrator


Note: For Joomla! 1.5 this is supported via the User Sources system.

Retrieved from "http://sammoffatt.com.au/jauthtools/LDAP_Tools/Group_Mapping"
Personal tools