filter to deny access based on group membership

J

jaime

I'm using the mod_auth_ldap with apache to attempt to block access to a
directory based on group membership. I've successfully bound to the
active directory server and authenticated with my user id but I cannot
seem to get the filter right to find the group memberships by id. I
have no idea what the syntax should be. Here is what I have:

require filter "(&(groupmembership=ABC*))"

Can this be done? How do I find out if they are a member of a group if
there are many groups listed?
 
P

Pablo E. Colazurdo

The Attribute name is MemberOf ... but this will return an array of all the
groups a user is member of ... so you may need to iterate through the array
to check if the group is there

Hope it helps,
Pablo E. Colazurdo
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Trying to filter/sort/find by Group Membership in ADUC 1
Denying Changes to Group Membership 2
cannot add local user to local group 6
Hiding Membership of Global Security Groups 1
Hide group membership? 4
Deny account operators from deleting users 1
Using AD to test for group membership 1
How to verify why user group membership is failing 4

Top