We connected Weblogic to our LDAP server (iPlanet type) and successfully imported all users and groups.
No we want to filter on the users being in one group (we are not interested in all users)
With an ActiveDirectory LDAP Provider you can set at the All Users filter & User From Name filter:
(&(sAMAccountName =*)(memberOf= CN=OBIEE,OU=Security,OU=Groups,OU=COMP1,DC=COMPANY,DC=com)(objectclass=person))
With this filter in place, only users that are member of "CN=OBIEE,OU=Security,OU=Groups,OU=COMP1,DC=COMPANY,DC=com" will be able to login.
Now we are migrating the LDAP server from ActiveDirectory to iPlanet.
The structure of this system is:
The relation between users and groups is stored on group level.
Does anyone know if this is possible and what the structure of the filter is?