I’m running into an issue with my LDAP user filter, I’m pretty sure. Here’s the error I’m gettting in the debug log for gitea:
2025/11/26 08:57:34 …/ldap/source_search.go:475:(Source).SearchEntries() [E] LDAP Search failed unexpectedly! (LDAP Result Code 201 “Filter Compile Error”: ldap: finished compiling filter with extra at end: %!(EXTRA string=))
2025/11/26 08:57:34 …/source/ldap/source_sync.go:54:(*Source).Sync() [E] SyncExternalUsers LDAP source failure [Active Directory], skipped
The user filter I’m trying to apply is:
(&(objectCategory=user)(memberOf=CN=git-users,OU=Git,OU=Applications,DC=na,DC=example,DC=com))
I tried using \ to escape the = signs in the git-users group, but that merely changes the error to:
2025/11/26 09:01:48 …/ldap/source_search.go:475:(*Source).SearchEntries() [E] LDAP Search failed unexpectedly! (LDAP Result Code 201 “Filter Compile Error”: ldap: invalid characters for escape in filter: encoding/hex: invalid byte: U+003D ‘=’)
2025/11/26 09:01:48 …/source/ldap/source_sync.go:54:(*Source).Sync() [E] SyncExternalUsers LDAP source failure [Active Directory], skipped
Which is not an improvement. How do I get my UserFilter to work sanely with Gitea’s go LDAP parser? Thanks..