powered by Jive Software

Search filter and AD security groups

Hello, I hope this isn’‘t too repetitive, I checked the archives and didn’'t really see an answer that cleared things up.

Can someone tell me if it’'s possible to search for users within an Active Directory security group? The way we have our AD designed, we have have about 1500 users grouped according to regional office and then use group policies to administrate everything. I only want about 100 of very specific users to have access to the Jive and Exodus clients so I would like to create a security group and add those users instead of copying the objects into another OU as that would involve a lot of stress from management to add/reconfigure the tree.

I’‘ve tried the following statement but it wouldn’'t even let my admin account login to the adminstrator console.

any advice?

I have the same problem!

Were you able to configure Messenger with AD following the basic configuration? Do you have a simple query that works for everyone and you can log into the admin account, or does this specific query not work? It’‘s not clear whether you’'ve configured jive correctly and now are trying to restrict the users that are qualified to use messenger.

Let’'s start with a working configuration and then add your additional security requirements.

Noah

Thanks Noah.

AD does currently work as I can not only log in, but if I put the root of the domain, I can see all 1500 of my users (active and inactive). It takes a darn long time to load the users page when I do have the root listed as the baseDN in the .xml file. I’‘m not sure if this would be the best way or not but I was thinking that creating a seperate OU and placing a security group in there with the 100 users I want to access IM would make things much faster as it doesn’'t have to scan the entire tree.

I’‘m not well versed in ldap so I’'m not sure what options would work in a search filter.

Thank you for any insight you can give me!

phil.

One tool that I found very helpful for tweaking ldap queries is http://www-unix.mcs.anl.gov/~gawor/ldap/

Since it’'s all written in java, you can emulate what Messenger is doing. You can also run queries to check immediately what you get back.

Noah

Pmac,

Did you get any results? I´am trying to use a security group with just the users I want to get access to Jive. So I created a security group called jive with the users, the group is on the OU Groups, here is my .xml file:

What can be wrong?

Thanks Noah.

AD does currently work as I can not only log in, but

if I put the root of the domain, I can see all 1500

of my users (active and inactive). It takes a darn

long time to load the users page when I do have the

root listed as the baseDN in the .xml file. I’'m not

sure if this would be the best way or not but I was

thinking that creating a seperate OU and placing a

security group in there with the 100 users I want to

access IM would make things much faster as it doesn’'t

have to scan the entire tree.

I’‘m not well versed in ldap so I’'m not sure what

options would work in a search filter.

Thank you for any insight you can give me!

phil.

hcosta, I finally got it to work.

It works like a charm now, I actually speeded it up by changind the objectCategory to User instead of Person. It was still odd because I had tried dozens of combinations and never got it to work, I finally did and I’‘m sure I’'ve used that combo of adminDN location and baseDN and search filter before. Oh well…

Let me know if you want me to post my search filter.

phil.

Hello pmac2,

My LDAP configuration is working fine to!!! Look like so simple now…

An the most interesting is that i was testing the jive server in a windows machine with a pentium 4 2.8 GHz and 512 MB of RAM and was a slow to get the users from AD, so I installed in a linux pc with a pentium 500 MHz and 256 MB and is much faster!

The server is supporting 120 users, and everything is going wonderful!

“viva o linux”

so I installed in a linux pc with a pentium

500 MHz and 256 MB and is much faster!

wellcome to the club yeah, linux rockz