LDAP User filter

Lynn_Radmall · November 9, 2007, 6:34pm

I am trying to create a user filter based on membership of groups called “OpenfireIM*”

Here is the filter that I am tring to use: (&(member=OpenfireIM*)(objectClass=group)(sAMAccountName=))

I know that it is not correct, I need some help.

Any suggestions?

Petr_Bouska · November 9, 2007, 8:56pm

It can be done like this:

(&(objectClass=organizationalPerson)(memberOf=CN=OpenfireIM,OU=Objects,DC=Compan y,DC=local))

you are looking for user, so objectClass=organizationalPerson

and you cant use * in name, you must use Distinguished Name instead

Lynn_Radmall · November 9, 2007, 9:47pm

I can use this filter to get the users in a specific group:

(&((objectCategory=Person)(memberOf=CN=OpenfireIM_Executives,CN=Users,DC=country ,DC=company,DC=com)))

Which gets me close, but what I need to do is get every user that is in a group that contains “OpenfireIM” at the begining of the group name. I was thinking

it might be possible like this:

(&((objectCategory=Person)(memberOf=CN=OpenfireIM*,CN=Users,DC=country,DC=compan y,DC=com)))

But, no go.

Is it possible to get all the users in multiple groups?

Thanks,

Lynn

Bill1 · November 9, 2007, 11:47pm

What I do is this…

For users, I use:

<searchFilter>(&(objectClass=user)(memberOf=CN=WF_Allusers_U;CN=Users ;DC=*****))</searchFilter>

For my groups, I use this, all of my Wildfire/Openfire groups start with WF_

<groupSearchFilter>(&(objectCategory=Group)(objectClass=group)(CN=WF_ *))</groupSearchFilter>

What I did was add every user to the WF_Allusers_U group and then into their various other roster groups…

Works great for me

Chase1 · November 10, 2007, 12:26am

It looks like LDAP filter syntax can’t support the wildcard in a full DN specification like that. You should at least be able to filter the groups that get loaded, and then it shouldn’t automatically load the users not associated with those groups.

jeff_garner · November 11, 2007, 10:13am

if you want to have multiple groups with the same name across separate OU’s try this as well:

(&(objectClass=userproxy)(uid=)(|(memberof=CN=IM,OU=Groups,OU=TREE1,DC=BLAH,DC=COM)(memberof=CN=IM2,OU=Groups2 ,OU=TREE2,DC=BLAH,DC=COM)))

Jeff

Lynn_Radmall · November 12, 2007, 5:45pm

I think that I figured out the group issue, but now it does not show when a user logs on or off, only the state of other users at the time of logging on, anyone seen that before?

Lynn_Radmall · November 12, 2007, 9:28pm

I rebuilt the openfire server and all is well. Thanks for your help.

tehila · September 22, 2015, 9:23am

hi

i also have same problem. im trying to use user filter like this : ((&(objectClass=organizationalPerson)(memberOf=CN=domain_users,OU=Objects,DC=Of fice,DC=local)) and when i do the test checking its fails. any suggestions what the problem might be? ill be more than happy if you can explain to me step by step what to do.