We have an Ubuntu 20.04 server running Jitsi Meet with all updates available in the Ubuntu repo. We have LDAP authentication working using our Active Directory per the “Jitsi Secure Domain” setup here: https://jitsi.github.io/handbook/docs/devops-guide/secure-domain
If I follow the syntax here, I should be able to limit host authorization to a group: Jitsi-meet LDAP Active Directory authentication - how to get log info
When we have the following line in, LDAP works to authorize hosts (though not limited to any group):
filter = ‘(objectClass=User)’,
When we change the line to this (domain name changed):
filter = ‘(&(objectClass=User)(memberOf=CN=VideoconfHosts,OU=Domain Groups,DC=exampledomain,DC=com))’,
Things sort of work. I am in this group, and a colleague is not. I can make a meeting, join it, click the “I am the host” button, and login with my AD “username” and password. All is well.
If I have a second user who is NOT in the test group, they can go to the jitsi-meet page, make a meeting, join it, click “I am the host,” enter an ad username and password…and it hangs at “Connecting.” There is no error in the log.
If we take the second user and add them to the test group, they are able to repeat the steps and join the meeting as host.
I believe that the expected behavior should be a message saying “you are not authorized to host this meeting” or something, but that is not the case.