id summary reporter owner description type status priority milestone component version resolution keywords cc drp_resources i_links o_links remaining_time sprint 6248 LDAP - remove user from security group wmoore sylittlewood " If a user is removed from the LDAP security group used to create their OMERO account, they can still log in: https://www.openmicroscopy.org/community/viewtopic.php?f=4&t=748 The user_filter property should (optionally?) be applied on every login. Note: In discussions with Ola, there are at least two issues that this solution will not cover: 1. since the original DN is stored in OMERO, there is the possibility that it will become out of sync, e.g. if the user changes his/her OMERO username. The current plan will be to signal an `InternalException` to the user. 2. this will only work for LDAP configurations in which group membership is a property on the user so that it can be filtered via `omero.ldap.user_filter`. In cases where group membership is a property of the groups, then we will need to rework how `group_filter` and `new_user_group` interact." task closed major OMERO-Beta4.3.2 Configuration fixed cxallan jamoore atarkowska 0 2011-09-15 (5)