LDAP group filter not working properly

Dennis5 · May 21, 2012, 5:26pm

Using 3.7.1 on Win2k8 R2 I am using LDAP for user/group management. I have the following LDAP user filter configured which works fine:

(&(objectClass=user)(memberOf=CN=gg_Openfire_Users,OU=APPLICATIONS,OU=SECURITY_G ROUPS,DC=contoso,DC=local))

Now, when I want to issue a group filter:

(&(objectClass=group)(memberOf=CN=gg_Openfire_Users,OU=APPLICATIONS,OU=SECURITY_ GROUPS,DC=contoso,DC=local))

Openfire returns zero results. If I remove the objectClass=group portion Openfire returns results, but is shows each member of the group as a group with 0 members. For example, Jon Doe is a member of gg_Openfire_Users but according to the group results Jon Doe is also a group with 0 members.

Any idea why it would be doing this??

Dennis5 · May 21, 2012, 6:48pm

Ok, so I figured it out. I was using the same security group for both the user filter and the group filter while the group itself has no groups as members . I created a second group called gg_Openfire_Groups and added my security groups as members. From there I was able to get into the group and share it.