Need further information for LDAP

I need some further information about LDAP integration. I have the OU and group hierarchy below:

  • OU 1
    • Security Group 1 (contains User 3 from OU 2)
    • Security Group 2 (contains User 1 and User 2)
    • User 1
    • User 2
  • OU 2
    • User 3
    • User 4

To tighten user access, in the LDAP configuration I set the User DN only to OU 1 and the Group DN within OU 1. However, Security Group 1 and User 3 do not sync to the system, while there is no issue with Security Group 2. Is this the expected behavior?

Hello @funmix

Could you share some information about this case? I need to know:

  • which LDAP server you use;
  • a screenshot of the LDAP settings in the Control Panel.

Waiting for your reply.

Hi @Constantine

Apologies for the late reply. Please find the information below.

1- Microsoft Active Directory
2- It involves some sensitive information. I will drop you a PM.

Thank you

Thanks for the shared screenshots.

As I can see from the reference, you have inserted lots of filters into the User DN field, but only one can be stated there. You have to use the upper-level catalog where all the OUs, and therefore the users, are located.
For further setup, you have to use the User Filter field to import users from different OUs. Here is an example of how the filter should look:
(&(objectCategory=person)(objectClass=user)(userPrincipalName=*)(|(memberOf=cn=GROUP1,ou=OU1,dc=domain,dc=local)(memberOf=cn=GROUP2,ou=OU2,dc=domain,dc=local)(memberOf=cn=GROUP3,ou=OU3,dc=domain,dc=local)))
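
The scoping behavior discussed in this thread, as an added example that is not part of the original replies or the product's code: a constructed in-memory directory mirroring the question's layout shows why a User DN of OU 1 leaves out User 3, and why the upper-level base combined with a memberOf filter brings User 3 in while still excluding User 4. The DNs, helper names and the simplified matching model are assumptions for illustration.

```python
# Added example: constructed directory mirroring the layout in the question.
# Domain components (dc=domain,dc=local) follow the sample filter in the reply.

def escape_filter_value(value: str) -> str:
    """Escape RFC 4515 special characters so a DN cannot alter the filter."""
    out = []
    for ch in value:
        if ch in '\\*()\x00':
            out.append('\\%02x' % ord(ch))
        else:
            out.append(ch)
    return ''.join(out)

def build_user_filter(group_dns):
    """User Filter: AD user objects that are direct members of any listed group."""
    clauses = ''.join('(memberOf=%s)' % escape_filter_value(dn) for dn in group_dns)
    return ('(&(objectCategory=person)(objectClass=user)'
            '(userPrincipalName=*)(|%s))' % clauses)

def in_subtree(dn, base):
    """True when dn is the base itself or sits below it (subtree scope)."""
    dn, base = dn.lower(), base.lower()
    return dn == base or dn.endswith(',' + base)

def select_users(users, base_dn, group_dns):
    """Model the search: the base DN limits scope first, then memberOf applies."""
    wanted = {g.lower() for g in group_dns}
    return sorted(name for name, (dn, member_of) in users.items()
                  if in_subtree(dn, base_dn)
                  and wanted & {g.lower() for g in member_of})

ROOT = 'dc=domain,dc=local'
OU1 = 'ou=OU1,' + ROOT
GROUP1 = 'cn=GROUP1,' + OU1
GROUP2 = 'cn=GROUP2,' + OU1
# name -> (user DN, groups the user is a direct member of); constructed sample data
USERS = {
    'User 1': ('cn=User 1,' + OU1, [GROUP2]),
    'User 2': ('cn=User 2,' + OU1, [GROUP2]),
    'User 3': ('cn=User 3,ou=OU2,' + ROOT, [GROUP1]),
    'User 4': ('cn=User 4,ou=OU2,' + ROOT, []),
}

if __name__ == '__main__':
    print(build_user_filter([GROUP1, GROUP2]))
    print('User DN = OU1 :', select_users(USERS, OU1, [GROUP1, GROUP2]))
    print('User DN = root:', select_users(USERS, ROOT, [GROUP1, GROUP2]))
```

Active Directory's memberOf attribute matches direct membership only, so users who belong to a listed group through a nested group are not returned by this filter.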

Hi @Constantine

Thank you for the advice, and apologies for the late response. I ran the test and it works as I expected.

Thank you!

Glad to hear it!