I figured out and tested that for checking if a user is member of my group FullInternetAccess I can use this query:
(&(objectCategory=Person)(memberOf=CN=FullInternetAccess,CN=Users,DC=mydomain,DC=me))
Also I can use:
(&(sAMAccountName=myuser)(memberOf=CN=FullInternetAccess,CN=Users,DC=mydomain,DC=me))
In the documentation the example is:
'cn=worker,ou=groups,dc=example,dc=com' memberUid 'objectclass=posixGroup'
Can you help me understand what this means or translate my query to the format required by CG ?
If I execute the command:
Code: Select all
guard filter
guard filter ip <null>
guard filter time <null>
guard filter ldap test:
groupDN: DC=mydomain,DC=me
loginAttribute: sAMAccountName
ldapFilter: memberOf=CN=FullInternetAccess,CN=Users
But not working.
How can I know if:
a) The filter is working ?
b) The domain list has been successfully loaded ?
This are my other settings:
guard category WebMail
guard rule bloquea deny: WebMail
guard policy test: ldap test
Thanks,
Miguel