Security groups

You can view and manage security groups that Passwork loads from LDAP in the Groups tab of LDAP settings.

Each group can have one of the following values in the Status field:

An administrator can restrict user authorization. If the restriction is enabled, a user will be able to authorize and register only if they belong to one of the selected groups.

You can quickly view a list of users in a particular group by clicking the pop-up button near the group's name:

Security groups load from LDAP in the following sequence:

If you change the DN group search request or delete a group that was previously used on the LDAP server, deleted groups and groups that were not found will receive a Deleted status when you perform a search again.

On the Groups tab, you can find the settings that Passwork will use when loading a list of security groups from LDAP:

Specify the Distinguished name (DN) to define the part of the Active Directory Passwork should download from. For example:

You can use a DN filter to determine what kind of data can be searched on LDAP. For example:

It is possible to add an additional DN and filter requests to get groups from two independent tree-like structures of the LDAP server.

To do so, click the Add DN and filter button located under the Filter for DN section, then fill in the fields.

Additional DNs and filters help expand the group search and management capabilities, providing more flexible system settings. For example, if security groups are located in several LDAP trees, adding an additional DN and filter request for each tree will eliminate the need for long and resource-intensive download of the entire structure.