Legacy
...
Administration
LDAP settings

Security groups

7min
you can view and manage security groups that passwork loads from ldap in the groups tab of ldap settings 1\ your security group settings 2\ perform a group list force reload 3\ a list of groups each group can have one of the following values in the status field bound n roles indicates the number of roles matched with the group on the ldap synchronization docid\ p1ff4nezvydgz 35zndra tab deleted means that after executing the dn request, the group was not uploaded into passwork or was deleted on the ldap server an empty status field means that a group loaded, but no role was matched with it an administrator can restrict user authorization if the restriction is enabled, a user will be able to authorize and register only if they belong to one of the selected groups you can quickly view a list of users in a particular group by clicking the pop up button near the group's name security groups load from ldap in the following sequence passwork authorizes on the ldap server through an account with the user data entered on the authorization page a group search request is sent to the ldap server using default or edited dns and search filters the request result is received and groups are uploaded from the ldap server into passwork if you change the dn group search request or delete a group that was previously used on the ldap server, deleted groups and groups that were not found will receive a deleted status when you perform a search again on the groups tab, you can find the settings that passwork will use when loading a list of security groups from ldap distinguished name specify the distinguished name (dn) to define the part of the active directory passwork should download from for example ou=it,dc=passwork,dc=uk dn filter you can use a dn filter to determine what kind of data can be searched on ldap for example (|(objectclass=group)(objectclass=organizationalrole)(objectclass=posixgroup)) it is possible to add an additional dn and filter requests to get groups from two independent tree like structures of the ldap server to do so, click the add dn and filter button located under the filter for dn section, then fill in the fields additional dns and filters help expand the group search and management capabilities, providing more flexible system settings for example, if security groups are located in several ldap trees, adding an additional dn and filter request for each tree will eliminate the need for long and resource intensive download of the entire structure you can learn about the features of dn filters and see more examples of syntax on the dn filters docid\ hop51pr10zhgc7jmcrwlj page