Trying to get LDAP / Active Directory integration so we can use different policies for different AD users and groups. Lets for example say in Active Directory I have the following structure:
OU=Company Employees
OU=Accounting
User=John Doe
User=Johhny Appleseed
Group=accounting (both above members belong to group)
OU=IT
User=Administrator
User=Joe Admin
Group=Information Technology (both above members belong to group).
In the above scenereo if I do a group test for doej@domain.com and group accounting, it always comes back that they are not a member of the group. In ADUC in that group under the e-mail field its spelled out like accounting@domain.com. So I tried this syntax in the group test but I still get that they are not a member of the group.
Failure: Action: match negative.
Reason: unknown error (assumed not a member of the group).
How do you sucessfully query for groups in this case?
