filter to deny access based on group membership



I'm using the mod_auth_ldap with apache to attempt to block access to a
directory based on group membership. I've successfully bound to the
active directory server and authenticated with my user id but I cannot
seem to get the filter right to find the group memberships by id. I
have no idea what the syntax should be. Here is what I have:

require filter "(&(groupmembership=ABC*))"

Can this be done? How do I find out if they are a member of a group if
there are many groups listed?

Pablo E. Colazurdo

The Attribute name is MemberOf ... but this will return an array of all the
groups a user is member of ... so you may need to iterate through the array
to check if the group is there

Hope it helps,
Pablo E. Colazurdo

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question