UCSD 5.2: Proper use of LDAP users and groups?

Question asked by Ben Conrad on Jan 18, 2015
I'm using UCSD 5.2 and have set up LDAP integration to my Active Directory domain controllers (SSL, port 636). I'm getting a list of AD objects; I know that is working.


In our AD, users are in an OU named _Users and groups are in an OU named _Groups, both OUs are at the same level, so there are no user accounts in the _Groups OU and no groups in the _Users OU.  I can specify a users OU in the Search Base and I see all the users listed in the Login Users tab and I can log in using a test user because it has automatically been allocated the 'Service End-User'.


Normally, in AD, we assign users to a specific group (like DOMAIN\UCS Portal Users) and would want to assign permissions using the AD groups. If I specify a Search Base of _Groups I can see the AD groups but I don't see the users any longer. I cannot log in when I can't see the users.


What is the proper way for me to use the existing AD groups and allow several thousand users access to the UCSD user portal?
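
Added example, not part of the original question and not UCSD code: a small model of LDAP subtree search scoping over the two OUs described above, showing which entries each search base can reach and which of them are members of the portal group. The domain `corp.example.com`, the user names and the group membership are constructed assumptions.

```python
import re

def split_dn(dn):
    """Split a DN into lower-cased RDNs; a backslash-escaped comma stays inside its RDN."""
    return [p.strip().lower() for p in re.split(r'(?<!\\),', dn) if p.strip()]

def in_subtree(entry_dn, base_dn):
    """True when entry_dn is base_dn itself or lies beneath it (subtree scope)."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def common_base(dn_a, dn_b):
    """Deepest DN that is an ancestor of (or equal to) both DNs."""
    shared = []
    for x, y in zip(split_dn(dn_a)[::-1], split_dn(dn_b)[::-1]):
        if x != y:
            break
        shared.append(x)
    return ",".join(reversed(shared))

# Constructed directory: the domain and object names are assumptions.
ROOT = "DC=corp,DC=example,DC=com"
USERS_OU = "OU=_Users," + ROOT
GROUPS_OU = "OU=_Groups," + ROOT
PORTAL = "CN=UCS Portal Users," + GROUPS_OU
ENTRIES = {
    "CN=Test User," + USERS_OU: {"memberOf": [PORTAL]},
    "CN=Smith\\, Jane," + USERS_OU: {"memberOf": []},
    PORTAL: {"memberOf": []},
}

def visible(base):
    """DNs a subtree search rooted at base would return."""
    return sorted(dn for dn in ENTRIES if in_subtree(dn, base))

def portal_members(base):
    """Entries under base that are direct members of the portal group."""
    want = split_dn(PORTAL)
    return [dn for dn in visible(base)
            if any(split_dn(g) == want for g in ENTRIES[dn]["memberOf"])]

if __name__ == "__main__":
    for base in (USERS_OU, GROUPS_OU, common_base(USERS_OU, GROUPS_OU)):
        print(base, "->", len(visible(base)), "entries,",
              len(portal_members(base)), "portal members")
```

In this model only a base at or above the common parent of both OUs returns the users and the group together.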