LDAP Authentication via AD Group membership

Preamble: apologies if this subject has been listed and addressed before - if so, please provide a link to the relevant forum post.

I am running Wildfire v3.2.2 with LDAP auth. Works like a charm. All users from base DN have populated into Wildfire and can authenticate without issue.

My question: I would like advice on how to restrict authentication to a single (or multiple) AD groups.

I have read many posts looking for this, and would be grateful of the location and syntax to use in the LDAP config of the "Server Properties" menu item.

regards

Nick

Message was edited by: ncross

There isn't a direct answer to this, as each company stores their data within Active Directory differently.

At a high level, you need to create an appropriate group filter. I would recommend taking Wildfire out of the equation while you are building the filter by using a tool that queries your AD installation over LDAP directory, like JXplorer.

Well… after about 3 hours testing … it would seem I have it sorted…:0

<searchFilter>(memberOf=CN=Blah,OU=Users,DC=your,DC=domain,DC=com)</searchFilter>

"the search filter does not accept wild cards"

To clarify - configuration of the above allows me to restrict authentication to Wildfire by AD group membership.

Hope this helps another…

Nick
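
Added example (not part of the original posts and not Wildfire code): a Python helper that builds the memberOf filter from the last post for one or several groups, escaping each group DN per RFC 4515 so it can only ever match exactly. The second group DN is a constructed placeholder, and the nested option assumes Active Directory's matching-rule-in-chain OID, which the thread does not mention.

```python
# Added example: build an AD group-restriction search filter (RFC 4515 escaping).
# Group DNs used here are placeholders, not values from a real directory.

_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Assumption: the directory is Active Directory, which supports this matching
# rule (LDAP_MATCHING_RULE_IN_CHAIN) to follow membership through nested groups.
IN_CHAIN = "1.2.840.113556.1.4.1941"


def escape_filter_value(value: str) -> str:
    """Escape characters that are special inside an LDAP filter assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def group_filter(group_dns, nested=False):
    """Return a filter matching users who are members of ANY of group_dns.

    memberOf holds full DNs, so each clause is an exact match on the whole
    group DN; a literal '*' in the input is escaped, never used as a wildcard.
    """
    if not group_dns:
        # An empty OR is not a valid filter; refuse instead of emitting
        # something that might end up admitting every user under the base DN.
        raise ValueError("at least one group DN is required")
    attr = f"memberOf:{IN_CHAIN}:" if nested else "memberOf"
    clauses = [f"({attr}={escape_filter_value(dn)})" for dn in group_dns]
    # A single group needs no OR wrapper; several groups are combined with (|...).
    return clauses[0] if len(clauses) == 1 else "(|" + "".join(clauses) + ")"


if __name__ == "__main__":
    chat = "CN=Blah,OU=Users,DC=your,DC=domain,DC=com"          # from the post
    staff = "CN=Staff (IT),OU=Groups,DC=your,DC=domain,DC=com"  # constructed
    print(group_filter([chat]))
    print(group_filter([chat, staff]))
    print(group_filter([chat], nested=True))
```

Test the resulting string in an LDAP browser against the base DN before pasting it into the searchFilter property, and confirm that an account outside the groups returns no entry.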