LDAP Group doesn''t show all users

Hello all,

I’‘ve been reading a lot today setting up Wildfire to work with AD. So far I’‘ve been able to get all AD users to authenticate without a problem, I can see the user list in wildfire and it shows all users, but there is something that I can’'t figure out.

If I go into the group summary, I can see all my AD groups. There is one that I’'m interested in, and that is the Domain Users group. Our AD structure is pretty simple, we have all active users under the default Users container. All disabled accounts are moved to a Disabled Accounts container, our service accounts are in a different one. In the end, all users under this Users group are the ones who will be allowed to log in.

My problem is… My Domain Users group (when looking at it from the Wildfire console) only has 3 users in it! I’‘m sharing this group and it shows on all users’’ rosters, but they only see these 3 users. The odd thing is, if I get the members list from AD I can see all my users there, but the LDAP query is not getting them off the DC.

Any suggestions? I have other user groups that show up complete. For example I have a VPN access user group and I can see al 148 members in wildfire. I created another IMTest group and I can see all users I add onto this one. I want to use the Domain Users group so that whenever a new user is created, or a user account is disabled or whatever, wildfire will update the list without people having to remember to also edit the IMTest group to reflect any changes.

Here’'s my conf file:

           <vCard xmlns=''vcard-temp''>
                <FN attrs="displayName"></FN>


I have commented the groupsearchfilter line but it doesn’'t make a difference. I use it to restrict it to only search for the Domain Users group but it still shows up with only 3 users.

Thanks for the help.


I have a feeling that with LDAP a user won’'t appear if the group is their primary group. Try creating another group, put users inside that and see if that works in Wildfire.