Authenticate via AD security groups

robin_shi · 2014-05-13 06:04:39 UTC

Is it possible to authenticate the user via the AD security group after set up the LDAP bridge? Any limitation e.g. <1000 users in the group?

Hope the quesiton makes sense.

Thanks.

dschoen · 2014-05-13 06:09:08 UTC

Yes you can use the LDAP Bridge to authenticate users based on AD security groups, but we're currently unable to expand "pages" that it sends back which does normally limit you to 1000 users per group - it's being worked on here https://squizmap.squiz.net/matrix/4030

robin_shi · 2014-05-13 06:23:58 UTC

Thanks David, we are running 4.18.1, does it support AD groups authentication? How about the AD groups which nest AD groups?

robin_shi · 2014-05-19 00:24:36 UTC

anyone has used AD group authentication here?

nnhubbard · 2014-05-19 03:15:51 UTC

anyone has used AD group authentication here?

We authenticate with AD, and the users are within AD groups. Is that what you mean?

robin_shi · 2014-05-19 04:00:47 UTC

We authenticate with AD, and the users are within AD groups. Is that what you mean?

Yes, currently we use the user in the OU. It'll be great to authenticate via their AD security groups.

robin_shi · 2014-05-26 00:12:48 UTC

Just give you guys an update. The LDAP group works well in Matrix.

But the domain user is the primary group, which doesn't have memberof applied, so we are not able to use this LDAP to authenticate all staffs.

all good. thanks guys.