Hi all, my company has multiple LDAP servers, so I can’t use bind_dn=DOMAIN%s because there are many domains. I have to use bind_dn and bind_password instead. They support memberOf attribute.
I am asked to only allow users that belong to BOTH security groups. How do I do it?
I tried to add 2 memberOf filter into search_filter
but that doesn’t work because the bot account I used for bind_dn doesn’t belong to any of the groups. So I got “Authentication failed” with the LDAP server
[[servers.group_mappings]]
only supports 1 group so it will be an OR group membership checking and not AND. Can I use group_search_filter
for this?