(imported topic written by JanGrimm)
Hello
We would like to use an LDAP group filtering with the TSP. Unfortunately this seems to not work correctly. Microsoft knows “objectclass = groupOfNames” not only “objectclass = group”
base directory is: OU = TestOU, DC = domain, DC = local
the user are in under OU’s within the “TestOU”. the groups are in an under OU.
The user authentication works without problems. as soon as I enable group filtering it does not group with the user.
Group is “Mobile Device Users”
following commands I executed:
tsp.bat config ldap_group_filter “(objectclass = group)”
tsp.bat config ldap_allowed_groups “[‘Mobile Device Users’]”
to test whether I have the group moved directly into the TestOU with the same result at the OU is below:
“Group membership failed: User does not belong to allowed to group”
thanks for the help
regards
Jan