Based on what you said, here is what you should have on your user mappings:
BaseDN: DC="domain",DC="mydom",DC="uk"
AdminDN: CN="Administrator",OU="Admin Accounts",OU="System Accounts",OU="- BSU - Privileged Users",DC="domain",DC="mydom",DC="uk"
-
Leave the search stuff alone for now and save that
-
Then click the “Server Manager” tab at the top and then the “System Properties” option on the left.
-
Scroll down until you find “ldap.searchFilter”
-
Click the little edit icon
-
Enter this:
(&(objectClass=organizationalPerson)(memberOf=CN=OPENFIRE_users,OU=OPENFIRE,OU= -GROUPS - Standard,dc=domain,dc=mydom,dc=uk))
For example here is what I have:
On the “Server Settings” -> “Profile Settings” page under “Directory Server (LDAP)” (tweaked slightly for security, but general idea)
Host:
controller1.domain.com, controller2.domain.com
Port:
636
Base DN:
OU="Users",OU="Users and Computers",DC="domain",DC="com"
Administrator DN:
CN="openfireldap",OU="Service Accounts",DC="domain",DC="com"
On the “Server Manager” tab -> “System Properties” for “ldap.searchFilter” I have:
(&(objectClass=organizationalPerson)(memberOf=CN=Sec-Openfire,OU=Security,DC=domain,DC=com))
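
Added example, not part of the post above and not Openfire code: a Python helper that builds a group-restricted filter of the kind stored in ldap.searchFilter, escaping the group DN per RFC 4515, and checks that a filter string is in LDAP prefix notation before it is saved. The function names and the example.com group DN are constructed for illustration.

```python
import re

# RFC 4515: these characters must appear as \XX inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
# attr, comparison operator, then a value with no raw parentheses or backslashes.
_ITEM = re.compile(
    r"[A-Za-z][A-Za-z0-9.;-]*(?:=|~=|>=|<=)(?:[^()\\\x00]|\\[0-9A-Fa-f]{2})*")

def escape_value(value):
    """Escape a literal (for example a group DN) for use inside a filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def group_filter(object_class, group_dn):
    """AND of an objectClass test and a memberOf test, operator first."""
    return "(&(objectClass={})(memberOf={}))".format(
        escape_value(object_class), escape_value(group_dn))

def _parse(text, pos):
    """Parse one filter starting at pos; return the index just past it."""
    if text[pos:pos + 1] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    op = text[pos:pos + 1]
    if op in ("&", "|"):          # operator comes first, then one or more filters
        pos += 1
        start = pos
        while text[pos:pos + 1] == "(":
            pos = _parse(text, pos)
        if pos == start:
            raise ValueError("operator without operands at offset %d" % pos)
    elif op == "!":               # negation takes exactly one filter
        pos = _parse(text, pos + 1)
    else:                         # simple attr=value item
        match = _ITEM.match(text, pos)
        if not match:
            raise ValueError("expected attr=value at offset %d" % pos)
        pos = match.end()
    if text[pos:pos + 1] != ")":
        raise ValueError("expected ')' at offset %d" % pos)
    return pos + 1

def is_well_formed(text):
    """True if the whole string is one filter in prefix notation."""
    try:
        return _parse(text, 0) == len(text)
    except ValueError:
        return False

if __name__ == "__main__":
    # Constructed group DN containing parentheses, which must be escaped.
    print(group_filter("user", "CN=Chat (Staff),OU=Groups,DC=example,DC=com"))
```

A filter that fails this check is rejected by the directory, so the group restriction it was meant to enforce never takes effect; checking the string before saving the property catches that early.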