Entity based AD group membership

suderman · 2011-09-29 12:30:59

Hello,

Does anyone know how to automatically assing users to specific entity basing on their Group membersip in Active Directory ?

All users are in the same OU and I can't change it.
I wanted to assign users to specific entities basing on their group membership.

For example if the user is a member of the GG-THS group he will be added to the THS Entity.
I have added addtional criteria called "memberof" in the Home >Setup >Dropdowns > LDAP criterias
and created automatic Rule that assign entity if the criteria "member of" contains specific group name but it doesn't work.

Anyone have experince in such things ?

Thanks.

wawa · 2011-09-29 12:36:19

Hello
First of all is the memberof attribute available in the user object (can an ldap browser see it ?). It should be the case, but I already experienced some AD where it's not the case.

in case it's not available, you can import the group from AD (or create it by hand and put the right group's dn) and then use the rules criteria "LDAP group"

suderman · 2011-09-29 13:27:52

Hello,

thanks for You answer.

When I browse the domain (Windows 2008 R2) I can see this attribute in user properties although it's a filetered as "Backlinks" attribute but it seems that GLPI doesn't "see" completely this attribute.

wawa · 2011-09-29 13:30:21

in this case, can you try to import the group (menu Administration => Group => Import from LDAP) ?
then synchronize a user belonging to this group to be sure that it works

Forum GLPI-Project

Announcement

#1 2011-09-29 12:30:59

Entity based AD group membership

#2 2011-09-29 12:36:19

Re: Entity based AD group membership

#3 2011-09-29 13:27:52

Re: Entity based AD group membership

#4 2011-09-29 13:30:21

Re: Entity based AD group membership

Board footer