From 326ed81d1f18b1e27a14a27ba13330707b279031 Mon Sep 17 00:00:00 2001
From: Justin Riley <justin.t.riley@gmail.com>
Date: Mon, 6 Jul 2015 16:28:40 -0400
Subject: [PATCH] fix default group bug in get_groups()

Users should only be added to the default group if it's defined and the user's groups aren't mapped (ie get_groups() is empty). This is correctly handled by the `remotes/auth/ldap/authenticate` script by checking whether or not get_groups returns an empty list.
---
 src/authm_mad/remotes/ldap/ldap_auth.rb | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/authm_mad/remotes/ldap/ldap_auth.rb b/src/authm_mad/remotes/ldap/ldap_auth.rb
index 68ea7ff982..b67b24c519 100644
--- a/src/authm_mad/remotes/ldap/ldap_auth.rb
+++ b/src/authm_mad/remotes/ldap/ldap_auth.rb
@@ -180,8 +180,6 @@ class OpenNebula::LdapAuth
         [@user['memberOf']].flatten.each do |group|
             if @mapping[group]
                 groups << @mapping[group]
-            else
-                groups << @options[:mapping_default]
             end
         end