Search filter and AD security groups

Hello, I hope this isn't too repetitive, I checked the archives and didn't really see an answer that cleared things up.

Can someone tell me if it's possible to search for users within an Active Directory security group? The way we have our AD designed, we have about 1500 users grouped according to regional office and then use group policies to administrate everything. I only want about 100 very specific users to have access to the Jive and Exodus clients, so I would like to create a security group and add those users instead of copying the objects into another OU, as that would involve a lot of stress from management to add/reconfigure the tree.

I've tried the following statement but it wouldn't even let my admin account log in to the administrator console.

Any advice?

I have the same problem!

Were you able to configure Messenger with AD following the basic configuration? Do you have a simple query that works for everyone and you can log into the admin account, or does this specific query not work? It's not clear whether you've configured jive correctly and now are trying to restrict the users that are qualified to use messenger.

Let's start with a working configuration and then add your additional security requirements.

Noah

Thanks Noah.

AD does currently work as I can not only log in, but if I put the root of the domain, I can see all 1500 of my users (active and inactive). It takes a darn long time to load the users page when I do have the root listed as the baseDN in the .xml file. I'm not sure if this would be the best way or not but I was thinking that creating a separate OU and placing a security group in there with the 100 users I want to access IM would make things much faster as it doesn't have to scan the entire tree.

I'm not well versed in ldap so I'm not sure what options would work in a search filter.

Thank you for any insight you can give me!

phil.

One tool that I found very helpful for tweaking ldap queries is http://www-unix.mcs.anl.gov/~gawor/ldap/

Since it's all written in java, you can emulate what Messenger is doing. You can also run queries to check immediately what you get back.

Noah

Pmac,

Did you get any results? I am trying to use a security group with just the users I want to get access to Jive. So I created a security group called jive with the users, the group is in the OU Groups, here is my .xml file:

What can be wrong?


hcosta, I finally got it to work.

It works like a charm now, I actually sped it up by changing the objectCategory to User instead of Person. It was still odd because I had tried dozens of combinations and never got it to work, I finally did and I'm sure I've used that combo of adminDN location and baseDN and search filter before. Oh well…

Let me know if you want me to post my search filter.

phil.
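A sketch of the kind of group-restricted filter discussed above, as an added example that is not taken from any poster's configuration. It assumes a group named jive in OU Groups (as in hcosta's post), a constructed domain DC=example,DC=com, and a config element called searchFilter; it also goes slightly beyond the thread by covering nested groups and escaping.

```python
from xml.sax.saxutils import escape as xml_escape

# RFC 4515: these characters must be written as \XX inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Active Directory matching rule LDAP_MATCHING_RULE_IN_CHAIN:
# matches users who belong to the group through nested groups as well.
IN_CHAIN = "1.2.840.113556.1.4.1941"


def escape_filter_value(value: str) -> str:
    """Escape a value (here a group DN) for safe use inside an LDAP filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def group_filter(group_dn: str, nested: bool = False) -> str:
    """Filter for user objects that are members of group_dn.

    memberOf needs the group's full DN (no wildcards) and does not list a
    user's primary group, so the group must be an ordinary security group.
    """
    attr = f"memberOf:{IN_CHAIN}:" if nested else "memberOf"
    return f"(&(objectCategory=user)({attr}={escape_filter_value(group_dn)}))"


def is_balanced(ldap_filter: str) -> bool:
    """Cheap sanity check: parentheses open and close in order."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0


def as_xml_element(ldap_filter: str, tag: str = "searchFilter") -> str:
    """Wrap the filter for an XML config file; a raw '&' is invalid XML.

    The element name is an assumption, not copied from the thread.
    """
    return f"<{tag}>{xml_escape(ldap_filter)}</{tag}>"


if __name__ == "__main__":
    # Constructed DN: group and OU names from the thread, domain made up.
    dn = "CN=jive,OU=Groups,DC=example,DC=com"
    f = group_filter(dn)
    print(f, is_balanced(f))
    print(as_xml_element(f))
    print(group_filter("CN=IM Users (HQ),OU=Groups,DC=example,DC=com", nested=True))
```

Keeping baseDN at a level that still contains the user objects matters here: the group only names its members, the users themselves stay in their regional OUs.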

Hello pmac2,

My LDAP configuration is working fine too!!! It looks so simple now…

And the most interesting thing is that I was testing the jive server on a Windows machine with a Pentium 4 2.8 GHz and 512 MB of RAM and it was slow to get the users from AD, so I installed it on a Linux PC with a Pentium 500 MHz and 256 MB and it is much faster!

The server is supporting 120 users, and everything is going wonderfully!

“Long live Linux”

so I installed in a linux pc with a pentium 500 MHz and 256 MB and is much faster!

Welcome to the club, yeah, Linux rockz