I am having a problem with group memberships in LDAP. I have 2 accounts (long story) in different OUs in active directory:
User1:
CN=Matt Jones
sAMAccountName=jones.matt.desktop
User2:
CN=Matt Jones
sAMAccountName=jones.matt
Member of “Technology Center” group
By some luck, when I login to the admin page and look at the “Technology Center” group, I see that Wildfire thinks jones.matt.desktop is a member of the group, where only jones.matt should be a member! In AD, only jones.matt is a member of that group. It’‘s grabbing the list of members to the group correctly (I see other non-WildFire users listed as expected), but is finding the wrong user! Because of this, this user doesn’'t appear to be online because the wrong account appears to be the member of the group. Wildfire seems to be matching users up based on the CN, and finds the wrong one first! Is there a way I can make it match by sAMAccountName instead?
I changed the CN of the ‘‘desktop’’ user and Wildfire found the other user as expected and correctly showed them as online.