Question

Active Directory: Nested Groups

4 years ago
August 18, 2020
1 reply
1 view

henryxyz
Contributor
13 replies

Trying to get limitations in policies working with Active Directory. We have LDAP connectors and they can resolve users and groups, but cannot list members IN groups. It does work if the user is directly listed in the AD group, but not if they exist in a group within the group. Before I go down the rabbit hole of trying to "hunt and peck" the correct configuration, have folks ever got LDAP groups to work where nested groups are involved. Nested in this context means a Universal Group with one layer of Global Groups are nested in it. The idea is to not have users individually defined in the groups, but one layer of groups.

+15

cbrewer
Esteemed Contributor
719 replies
4 years ago
August 18, 2020

Yes, nested group searches works.

Do you have "Use recursive group searches" checked under the "User Group Membership Mappings" tab?

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

Restrict logon to specific Active Directory Groupsicon

Problem restricting policy scope by Active Directory groupicon

ARD intermittently not allowing AD authenticationicon

Can you include AD groups into the specified users for ARD?icon

List all members of a local groupicon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings