I appreciate that I might be jumping the gun here, but I’‘m trying to get LDAP groups working. The difficulty I have is that our LDAP setup uses a different base DN for groups than for individual users, and I can’'t see an option to set a “groupBaseDN”. Is there one? And if not, could there be one? Please…
Hmmm…actually it’'s worse than that…the group members are in one object class, and the group description is in another, with a different DN
Message was edited by: hammoaj
hammoaj, can you post your wildfire.xml (remove as much as you need to feel comfortable with posting it here, but leave as much as people need to figure out what’‘s going on) – specifically the baseDN, searchfilter and groupfilters are what’'s needed.
Also, you might need to provide some information regarding how your domain is configured and the OUs etc.
I’‘ve successfully had groups and users in two different top-level OUs and they could see one another… with some specific things that didn’‘t work (i.e. not all users could see all groups until we moved some things around). Wasn’'t a problem for us as it was part of a migration project.