0 Replies Latest reply: Feb 18, 2013 6:38 AM by 494843 RSS

    LDAP - Filter on groups (iPlanet)

    494843
      We connected Weblogic to our LDAP server (iPlanet type) and successfully imported all users and groups.
      No we want to filter on the users being in one group (we are not interested in all users)

      With an ActiveDirectory LDAP Provider you can set at the All Users filter & User From Name filter:
      (&(sAMAccountName =*)(memberOf= CN=OBIEE,OU=Security,OU=Groups,OU=COMP1,DC=COMPANY,DC=com)(objectclass=person))

      With this filter in place, only users that are member of "CN=OBIEE,OU=Security,OU=Groups,OU=COMP1,DC=COMPANY,DC=com" will be able to login.

      Now we are migrating the LDAP server from ActiveDirectory to iPlanet.
      The structure of this system is:

      GROUPS
      GRP OBIEE
      uniqueMember:MVL
      uniqueMember:DFG
      USERS
      uniqueMember: MVL

      The relation between users and groups is stored on group level.
      Does anyone know if this is possible and what the structure of the filter is?

      Thanks in advance.