HUB, LDAP Authentication, how to filter user by AD Group?


Sorry, I'm new on this and maybe the answer is obvious but I cannot figure out.


I configured the HUB for LDAP authentication like this

Server URL: ldap://,dc=com
Bind DN:
Filter: sAMAccountName=%u
Select SSL Key: No Key


I tried to setup the filter to only validate the users that belong to a given group, something like this:

Filter: (&(objectClass=user)(sAMAccountName=%u)(memberof=CN=YourGroup,OU=Users,DC=YourDomain,DC=com))


But it always return error "LDAP failure: invalid attribute description", what is the correct way to do this?


Thank you.


Official comment

Hello Carlos,
I'm very sorry for the delay. Unfortunately, you've faced one of our known issues:
It is fixed in the upcoming release, but in the meantime you can use the following workaround: remove the external brackets from your filter. For example, instead of `(&(objectClass=user)(sAMAccountName=%u)(memberof=CN=YourGroup,OU=Users,DC=YourDomain,DC=com))` write `&(objectClass=user)(sAMAccountName=%u)(memberof=CN=YourGroup,OU=Users,DC=YourDomain,DC=com)`
Please let me know if we can help you any further, thank you.

I have the same problem. I've tried several combination of attributes, but the error stays the same.


Please sign in to leave a comment.