LDAP AD Extended Query with 2 groups



  • Hi guys,
    I am having trouble setting up 2 different groups in LDAP Extended Query (Active Directory)
    Everything works fine if I set it up with 1 group using the Extended Query:
    “memberOf=CN=pfSenseAdmins,CN=Users,DC=idc,DC=us”

    I need to add: “memberOf=CN=pfSenseUsers,CN=Users,DC=idc,DC=us” to the Query as well, but couldn’t figure out how.

    Things I have tried so far but failed:
    (&(memberOf=CN=pfSenseAdmins,CN=Users,DC=idc,DC=us)(memberOf=CN=pfSenseUsers,CN=Users,DC=idc,DC=us))

    (&(|(memberOf=CN=pfSenseAdmins,CN=Users,DC=idc,DC=us)(memberOf=CN=pfSenseUsers,CN=Users,DC=idc,DC=us))(sAMAccountName=%s))

    Any help would be greatly appreciated.

    Thank you,


  • Netgate Administrator

    So to be clear both those queries work individually but you want to authenticate only users who are members of both groups?

    If you authenticate a user who is a member of both in Diag > Auth does it return both groups?

    Where exactly are you using this?

    Steve



  • @stephenw10 said in LDAP AD Extended Query with 2 groups:

    clear both those queries work individually but you want to authenticate only users who are members of both groups?

    Sorry, I wasnt being clear in previous post. I found this post to be similar to my issue:
    https://forum.netgate.com/topic/103988/ldap-extended-query-with-multiple-groups

    The solutions in there did not work for me. Is there a way to make this work? My pfSense version is 2.4.2.

    Thank you,


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy