Description
Playbook Configuration:
Matrix Server:
- OS: Debian 11
- Architecture: amd64
Problem description:
Hi everyone,
I am currently trying to get Matrix to talk to a legacy LDAP where the users are identified by numeric IDs. Yes, I am aware that numeric IDs are reserved for guests only, but changing the legacy LDAP is not an option (unfortunately).
My main question for this topic is: what is the recommended way to use the legacy LDAP for users to authenticate against while making it compatible with Matrix?
I would like to customize as few things as possible to keep it as maintainable as possible. That means that (if possible) I would like to avoid making code changes, container manipulations or setting up a dedicated authentication provider.
My first attempt was using matrix-synapse-ldap3 following the guide on https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-ldap-auth.md, but it failed with the message "numeric user ids are reserved for guest users."
Digging deeper into the matter, I found a pull request to the project from April this year, but it hasn't been approved so far: matrix-org/matrix-synapse-ldap3#179
```yaml
# activate ldap support
matrix_synapse_ext_password_provider_ldap_enabled: true
# ldaps:// already negotiates TLS on connect (port 636); start_tls is meant to upgrade
# a plain ldap:// connection, so setting both is contradictory and normally only one is used
matrix_synapse_ext_password_provider_ldap_uri: "ldaps://ldap.example.com"
matrix_synapse_ext_password_provider_ldap_start_tls: true
matrix_synapse_ext_password_provider_ldap_base: "ou=members,dc=example,dc=com"
# the value of this attribute becomes the Matrix localpart, which is why numeric uids are refused
matrix_synapse_ext_password_provider_ldap_attributes_uid: "uid"
matrix_synapse_ext_password_provider_ldap_attributes_mail: "mail"
matrix_synapse_ext_password_provider_ldap_attributes_name: "displayName"
# service account used for the bind and search; keep the password out of version control
matrix_synapse_ext_password_provider_ldap_bind_dn: "cn=matrix,ou=applications,dc=example,dc=com"
matrix_synapse_ext_password_provider_ldap_bind_password: "[redacted]"
# restrict logins to members of a single group
matrix_synapse_ext_password_provider_ldap_filter: "(memberof=cn=example,ou=login,ou=groups,dc=example,dc=com)"
```

I have already tried using ma1sd, and besides not getting it up and running in the first place, my concern here is that that project might have been abandoned, as the last commit was 2.5 years ago. I followed the instructions on https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-ma1sd.md#authentication
and got the error:

```
500 server error: internal server error for url: http://matrix-ma1sd:8090/_matrix-internal/identity/v1/check_credentials
```
```yaml
# activate ma1sd
# https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/5edf25efe4b3616fa4818abd0239b347b50ef154/docs/configuring-playbook-ma1sd.md
matrix_ma1sd_enabled: true
matrix_ma1sd_matrixorg_forwarding_enabled: false
# Synapse authenticates through ma1sd's REST auth endpoint instead of talking to LDAP itself
matrix_synapse_ext_password_provider_rest_auth_enabled: true
# matrix-ma1sd is the hostname of the ma1sd Docker container
matrix_synapse_ext_password_provider_rest_auth_endpoint: "http://matrix-ma1sd:8090"
# ma1sd's own LDAP backend configuration, merged into its config file
matrix_ma1sd_configuration_extension_yaml: |
  ldap:
    enabled: true
    connection:
      host: 'ldap.example.com'
      tls: true
      port: 636
      baseDNs: ['OU=members,DC=example,DC=com']
      bindDn: 'CN=matrix,OU=applications,DC=example,DC=com'
      bindPassword: '[redacted]'
    # restrict logins to members of a single group
    filter: '(memberof=CN=Z_M_ueber_18,OU=login,OU=groups,DC=example,DC=com)'
    attribute:
      # attribute used for the display name
      name: 'cn'
      # attribute whose value ma1sd hands back as the Matrix localpart
      uid:
        type: 'uid'
        value: 'uid'
```
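Both attempts above fail for the same reason: whatever value the uid attribute holds is used verbatim as the Matrix localpart, and Synapse refuses a localpart that is purely numeric. The following script is an added example, not code from this issue, from Synapse or from either password provider. It re-implements the localpart rules Synapse enforces (allowed characters, no all-digit value, no leading underscore) so that a set of LDAP uid values can be triaged before a migration, and derives an acceptable localpart by prepending a prefix. The prefix `u`, the sample uid values and the helper names are assumptions made for the example; the page does not recommend any particular mapping, and since both providers take the configured attribute unchanged, a prefixed value would have to be served from an LDAP attribute that already contains it.

```python
import string
from typing import Optional

# Characters Synapse accepts in the localpart of a Matrix user ID.
ALLOWED = set(string.ascii_lowercase + string.digits + "_-./=+")


def localpart_error(localpart: str) -> Optional[str]:
    """Return the reason Synapse would refuse this localpart, or None if it is fine.

    Re-implementation of the relevant rules for illustration only, not Synapse's code.
    """
    if not localpart:
        return "localpart cannot be empty"
    if any(c not in ALLOWED for c in localpart):
        return "contains characters not allowed in a Matrix user ID"
    if localpart.isdigit():
        return "numeric user IDs are reserved for guest users"
    if localpart.startswith("_"):
        return "localparts starting with '_' are reserved for application services"
    return None


def suggest_localpart(uid: str, prefix: str = "u") -> str:
    """Derive an acceptable localpart from a raw LDAP uid value.

    The prefix is an assumption made for this example; the page prescribes no mapping.
    Disallowed characters are replaced by '-' and the value is lower-cased first.
    """
    candidate = "".join(c if c in ALLOWED else "-" for c in uid.strip().lower())
    if not candidate or candidate.isdigit() or candidate.startswith("_"):
        candidate = prefix + candidate
    return candidate


# Constructed sample of uid values as a legacy directory might hold them (not real data).
SAMPLE_UIDS = ["100234", "100235", "jdoe", "Jane.Doe", "_svc", "", "o'brien"]


def triage(uids):
    """Pair each uid with Synapse's objection (if any) and a localpart it would accept."""
    return [(u, localpart_error(u), suggest_localpart(u)) for u in uids]


if __name__ == "__main__":
    for uid, err, suggestion in triage(SAMPLE_UIDS):
        print(f"{uid!r:12} {err or 'ok':62} -> {suggestion!r}")
```

Running the script over an export of the real uid attribute (one value per line) shows at a glance how many accounts the numeric-ID rule affects and whether the rest of the directory would pass Synapse's checks unchanged.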