Nested user attributes not exposed as valid LDAP attributes in LDAP Outpost · goauthentik/authentik#16954

(2 commenti) (0 reazioni) (0 assegnatari)Python (4050 star) (319 fork)batch import

bugbug/confirmedgood first issue

Descrizione

Describe the bug When exposing custom attributes via the LDAP outpost, nested attributes are not returned as individual LDAP attributes. Instead, they appear in a serialized map format that does not seem to comply with LDAP.

To Reproduce Steps to reproduce the behavior:

Configure a user in Authentik with a custom attribute containing nested values, e.g. settings.locale = en.
Query the user via the LDAP outpost using ldapsearch.
Inspect the LDAP response.

See that the attribute is returned as a serialized map string rather than as a proper multi-valued LDAP attribute.

Expected behavior I would expect the LDAP outpost to flatten or map the nested attribute into standard LDAP attributes, for example:

settingsLocale: en

settings.locale: en

instead of:

settings: map[locale:en]

Version and Deployment (please complete the following information):

authentik version: 2025.8.3
Deployment: Docker

Additional context Add any other context about the problem here.

Guida contributor

Tech stack: python
Dominio: backendapi
Tipo issue: bug
Difficoltà: 2
Tempo stimato: 1-3 hours
Stato attività: active
Chiarezza: clear
Prerequisiti: PythonLDAP
Adatta ai principianti: 75
Direzione di ricerca: Indaga la logica di serializzazione degli attributi dell'outpost LDAP, in particolare come gli attributi personalizzati nidificati vengono convertiti in attributi LDAP. Cerca il codice che gestisce l'appiattimento o il mapping degli attributi nel provider LDAP.