From 19a9e4e7845680929bc2efcd0f347b1eec0fe9d1 Mon Sep 17 00:00:00 2001
From: Waldirio M Pinheiro
Date: Sun, 16 Apr 2023 10:11:57 -0700
Subject: [PATCH 1/2] Fixing the UserGroup issue when working with RHDS/POSIX
---
 lib/ldap_fluff/posix_member_service.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/ldap_fluff/posix_member_service.rb b/lib/ldap_fluff/posix_member_service.rb
index 440b2c2..1b7b758 100644
--- a/lib/ldap_fluff/posix_member_service.rb
+++ b/lib/ldap_fluff/posix_member_service.rb
@@ -18,10 +18,12 @@ def find_user(uid, base_dn = @base)
 def find_user_groups(uid)
 groups = []
 @ldap.search(
- :filter => Net::LDAP::Filter.eq('memberuid', uid),
+ :filter => Net::LDAP::Filter.eq(@attr_login, uid),
 :base => @group_base, :attributes => ["cn"]
 ).each do |entry|
- groups << entry[:cn][0]
+ entry[:memberof].each do |grp|
+ groups << grp.sub(/.*?cn=(.*?),.*/, '\1')
+ end
 end
 groups
 end
From 0c277bd320e276fab60df577f815798e31024d12 Mon Sep 17 00:00:00 2001
From: Waldirio M Pinheiro
Date: Mon, 24 Apr 2023 09:40:59 -0700
Subject: [PATCH 2/2] checking all the ldap groups instead of memberof plugin
---
 lib/ldap_fluff/posix_member_service.rb | 30 ++++++++++++++++++++------
 1 file changed, 23 insertions(+), 7 deletions(-)
diff --git a/lib/ldap_fluff/posix_member_service.rb b/lib/ldap_fluff/posix_member_service.rb
index 1b7b758..e80b7ad 100644
--- a/lib/ldap_fluff/posix_member_service.rb
+++ b/lib/ldap_fluff/posix_member_service.rb
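Review bot: In the first patch's hunk the loop reads `entry[:memberof]` while the search still requests `:attributes => ["cn"]`, so the server is never asked for memberOf and the method will most likely return an empty group list; request it explicitly with `:attributes => ["memberof"]`. The filter now matches on `@attr_login` but the base is still `@group_base`, which looks like a user lookup run against the group subtree, so the intended base should be confirmed. `Net::LDAP::Filter.eq` leaves a `*` in `uid` as a wildcard, and if `uid` can come from a login form `Net::LDAP::Filter.equals(@attr_login, uid)` would escape it. `grp.sub(/.*?cn=(.*?),.*/, '\1')` hands back the whole DN unchanged when the value has no lowercase `cn=` component, so the pattern should at least carry the `i` flag.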
@@ -15,19 +15,35 @@ def find_user(uid, base_dn = @base) # return an ldap user with groups attached # note : this method is not particularly fast for large ldap systems + # This group will check all the groups and will match the user. MemberOf plugin + # it's not required for this operation, once this plugin it's optional in ldap. def find_user_groups(uid) groups = [] - @ldap.search( - :filter => Net::LDAP::Filter.eq(@attr_login, uid), - :base => @group_base, :attributes => ["cn"] - ).each do |entry| - entry[:memberof].each do |grp| - groups << grp.sub(/.*?cn=(.*?),.*/, '\1') + + search_filter = Net::LDAP::Filter.eq('objectClass', 'groupOfNames') + results_attr = ["cn", "member"] + + ldap.search(:filter => search_filter, :attributes => results_attr).each do |grp_info| + + grp_info[:member].each do |login| + only_uid = login.split(',')[0].split('=')[1] + + if only_uid.include?(uid) + groups << grp_info[:cn] + end end end - groups + + if groups.length > 0 + groups.flatten! + else + groups = [] + end end + + + def times_in_groups(uid, gids, all) filters = [] gids.each do |cn|
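Review bot: `only_uid.include?(uid)` is a substring test, so a login such as `bob` (constructed example) also matches members named `bobby` or `notbob` and is handed their groups. If callers use this list for authorization the comparison has to be exact, `if only_uid == uid`, or `only_uid.casecmp?(uid)` where the directory treats logins case-insensitively. The search also drops `:base => @group_base` and calls `ldap` instead of `@ldap`, so it appears to walk every groupOfNames entry under the connection's default base; passing `:base => @group_base` again would keep the lookup scoped as before. An empty `member` value, or one without `=`, makes `login.split(',')[0].split('=')[1]` hit nil and raise NoMethodError, so a `next if only_uid.nil?` guard after a nil-safe split is worth adding.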