I’ve added a group to my ldap.searchfilter property and I am no longer able to login to the openfire console.
It worked fine with 2 groups and one additional filter to limit disabled accounts… but when adding in another group it kills the ability to find the users during authentication.
Here is the one that worked:
(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556. 1.4.803:=2))(|(memberOf=CN=IM_M,OU=Groups,DC=SCSDU,DC=local)(memberOf=CN=IM_U,OU =Groups,DC=SCSDU,DC=local)))
Here is the one that did not work:
(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556. 1.4.803:=2))(|(memberOf=CN=IM_M,OU=Groups,DC=SCSDU,DC=local)(memberOf=CN=IM_SDU, OU=Groups,DC=SCSDU,DC=local)(memberOf=CN=IM_U,OU=Groups,DC=SCSDU,DC=local)))
I’ve tried using wildcards IM_* and IM_% to shorten the group section, but they don’t work.
I’d like to know the character limit for this field, and ask if anyone can adjust my filter to make it work better (shorter?)
Thanks
Rich