LDAP/ActiveDirectory: Optimise Group Filter for nested groups

the current zammad LDAP integration filters groups via “(objectClass=group)”.

Unfortunately this filter does not fetch users, that are assigned via a “group in group” construct:

• zammad admins set to: cn=zammad_admin,ou=groups,ou=corp,dc=intra,dc=net.
• ldap group “cn=zammad_admin,ou=groups,ou=corp,dc=intra,dc=net” contains group “cn=admins,ou=groups,ou=corp,dc=intra,dc=net”

Changing the filter to "memberOf:1.2.840.113556.1.4.1941:=cn=zammad_admin,ou=groups,ou=corp,dc=intra,dc=net.)
would result in recursive group expansion - users added via groups are now added to zammad admins
(see active directory - ldap nested group membership - Stack Overflow)

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

I’m closing this feature request as duplicate in favor for the more detailed LDAP nested Groups [Active Directory]