I'm trying to list the groups that exist in our Active Directory environment in Wildfire, but so far unsuccessfully.
The problem is that our baseDN = domain.com, which has separate OUs, for example:
ou=groups,dc=domain,dc=com
ou=users,dc=domain,dc=com.
When I set the basedn to "domain.com", I am unable to log in as user "xyz". If, however, I set the basedn to "ou=users,dc=domain,dc=com", users are able to log in, but obviously the listing of groups doesn't work anymore.
I presume I have to fix this by setting up search filters… but you can't limit a search to a specific OU, can you? If so… how can I do this?
That's not the point; there are actually 3 OUs at top level:
ou=maillists,dc=domain,dc=com
ou=local groups,dc=domain,dc=com
ou=recipients,dc=domain,dc=com
I want to limit the group lookup to OU=Recipients, and nothing else…
To clear things up a bit more, I want to list ALL groups inside ou=local groups, and I want to list ALL users inside ou=recipients, but I don't want to list anything on top-level; so my filter has to include the OU.
Would you please post your configuration and enable the LDAP debug logging? So you should see why "if I set the basedn to 'dc=domain,dc=com', logging in as user xyz won't work" causes problems.