Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java
===================================================================
RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java,v
diff -u -r1.17 -r1.17.6.1
--- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java	10 Apr 2009 17:24:02 -0000	1.17
+++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java	6 Nov 2009 06:54:37 -0000	1.17.6.1
@@ -295,50 +295,54 @@
     public boolean addLDAPUser(Attributes attrs, Integer userId) {
 	User user = (User) service.findById(User.class, userId);
 	// get ldap attributes for lams org and roles
-	String ldapOrgAttr = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_ORG_ATTR)));
+	//String ldapOrgAttr = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_ORG_ATTR)));
+	List<String> ldapOrgs = getAttributeStrings(attrs.get(Configuration.get(ConfigurationKeys.LDAP_ORG_ATTR)));
 	List<String> ldapRoles = getAttributeStrings(attrs.get(Configuration.get(ConfigurationKeys.LDAP_ROLES_ATTR)));
 	// get column name of lams_organisation to match ldapOrgAttr to
 	String orgField = Configuration.get(ConfigurationKeys.LDAP_ORG_FIELD);
 
-	if (ldapOrgAttr != null && ldapRoles != null && orgField != null) {
+	if (ldapOrgs != null && ldapRoles != null && orgField != null) {
 	    // get list of possible matching organisations
-	    log.debug("Looking for organisation to add ldap user to...");
-	    List orgList = (List) service.findByProperty(Organisation.class, orgField, ldapOrgAttr);
-	    if (orgList != null && !orgList.isEmpty()) {
-		Organisation org = null;
-		if (orgList.size() == 1) {
-		    org = (Organisation) orgList.get(0);
-		} else if (orgList.size() > 1) {
-		    // if there are multiple orgs, select the one that is
-		    // active, if there is one
-		    HashMap<String, Object> properties = new HashMap<String, Object>();
-		    properties.put(orgField, ldapOrgAttr);
-		    properties.put("organisationState.organisationStateId", OrganisationState.ACTIVE);
-		    orgList = (List) service.findByProperties(Organisation.class, properties);
-		    if (orgList.size() == 1) {
-			org = (Organisation) orgList.get(0);
+		for (String ldapOrg : ldapOrgs) {
+		    log.debug("Looking for organisation to add ldap user to...");
+		    List orgList = (List) service.findByProperty(Organisation.class, orgField, ldapOrg);
+		    if (orgList != null && !orgList.isEmpty()) {
+			Organisation org = null;
+			if (orgList.size() == 1) {
+			    org = (Organisation) orgList.get(0);
+			} else if (orgList.size() > 1) {
+			    // if there are multiple orgs, select the one that is
+			    // active, if there is one
+			    HashMap<String, Object> properties = new HashMap<String, Object>();
+			    properties.put(orgField, ldapOrg);
+			    properties.put("organisationState.organisationStateId", OrganisationState.ACTIVE);
+			    orgList = (List) service.findByProperties(Organisation.class, properties);
+			    if (orgList.size() == 1) {
+				org = (Organisation) orgList.get(0);
+			    } else {
+				log.warn("More than one LAMS organisation found with the " + orgField + ": " + ldapOrg);
+				return false;
+			    }
+			}
+			// if the user is a member of any other groups, remove them
+			if (Configuration.getAsBoolean(ConfigurationKeys.LDAP_ONLY_ONE_ORG)) {
+			    service.removeUserFromOtherGroups(userId, org.getOrganisationId());
+			    break;
+			}
+			// now convert the roles to lams roles and add the user to the
+			// org
+			List<String> roleIds = getRoleIds(ldapRoles);
+			if (roleIds != null && !roleIds.isEmpty()) {
+			    service.setRolesForUserOrganisation(user, org.getOrganisationId(), roleIds);
+			    return true;
+			} else {
+			    log.warn("Couldn't map any roles from attribute: "
+				    + Configuration.get(ConfigurationKeys.LDAP_ROLES_ATTR));
+			}
 		    } else {
-			log.warn("More than one LAMS organisation found with the " + orgField + ": " + ldapOrgAttr);
-			return false;
+			log.warn("No LAMS organisations found with the " + orgField + ": " + ldapOrg);
 		    }
 		}
-		// if the user is a member of any other groups, remove them
-		if (Configuration.getAsBoolean(ConfigurationKeys.LDAP_ONLY_ONE_ORG)) {
-		    service.removeUserFromOtherGroups(userId, org.getOrganisationId());
-		}
-		// now convert the roles to lams roles and add the user to the
-		// org
-		List<String> roleIds = getRoleIds(ldapRoles);
-		if (roleIds != null && !roleIds.isEmpty()) {
-		    service.setRolesForUserOrganisation(user, org.getOrganisationId(), roleIds);
-		    return true;
-		} else {
-		    log.warn("Couldn't map any roles from attribute: "
-			    + Configuration.get(ConfigurationKeys.LDAP_ROLES_ATTR));
-		}
-	    } else {
-		log.warn("No LAMS organisations found with the " + orgField + ": " + ldapOrgAttr);
-	    }
 	}
 	return false;
     }