AnsweredAssumed Answered

ldap-ad filtering at point of authentication

Question asked by jbollom on Jun 16, 2014
Latest reply on Jun 26, 2014 by nickburch
Hey All,

I'm just setting up Alfresco 4.2f for the first time and currently have ldap-ad setup
I would like to restrict logins via group membership but i can not find any information on how to do this
Everything I read points to ldap sync filters but these details are not used when a user logs in
Only other thing I have read is that I can restrict users that don't exist in Alfresco from logging in but this is not really what I'm after

Is there a way to filter user logins at authentication point checking if the user is a member of a group before proceeding?
eg: (&(objectClass=user)(objectCategory=person)(memberOf:1.2.840.113556.1.4.1941:=CN=groupcn,OU=ougroup,DC=domain,DC=local)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

Thanks,
Josh

Outcomes