We're using the LDAP plugin to import persons into our application and create user accounts for these persons (optional). The customer has configured the A(ctive) D(irectory) in such a way that the structure mirrors their organisation structure. Not all users in a department are using our application however. The desctinction is made using a special group for our application, all users that are a member of this group should become persons/users in our application. As far a I can see however it is not possible to request all members of a AD group, you can only specify a node/map in the AD, after which all users in this node/map will be imported. Is this assumption correct, is what I want, importing all members of a AD group, not possible with this version of the LDAP plugin (_LDAP Version 2.0 alpha)? We've been able to query the AD in such a way using a LDAP query tool, that it returns all users in the specified group using this query(censored): (&(objectClass=user)(memberOf=[GROUP],CN=[NODE],OU=[NODE],CN=[NODE],DC=[DOMAIN],DC=[DOMAIN],DC=[DOMAIN])) Would it be an option to integrate this kind of querying in the LDAP plugin?
Ivo de Boer
We had the same problem.
I had to rewrite the ldap module to be able to cater for our needs. Unfortunately, due to company policy, I won't be bale to share the code, but if you have Java background, it is fairly simple.