You can view and manage security groups that Passwork loads from LDAP in the 

1. Your Security group settings
2. Perform a group list force reload
3. A list of groups

Each group can have one of the following values in the 

An administrator can restrict user authorization. If the restriction is enabled, a user will be able to authorize and register only if they belong to one of the selected groups.

You can quickly view a list of users in a particular group by clicking the pop-up button near the group's name:

Security groups load from LDAP in the following sequence:

If you change the DN group search request or delete a group that was previously used on the LDAP server, deleted groups and groups that were not found will receive a 

On the Groups tab, you can find the settings that Passwork will use when loading a list of security groups from LDAP:

 (DN) to define the part of the Active Directory Passwork should download from. For example:

You can use a DN filter to determine what kind of data can be searched on LDAP. For example:

(|(objectclass=group)(objectclass=organizationalRole)(objectclass=posixGroup))

It is possible to add an additional DN and filter requests to get groups from two independent tree-like structures of the LDAP server.

Additional DNs and filters help expand the group search and management capabilities, providing more flexible system settings. For example, if security groups are located in several LDAP trees, adding an additional DN and filter request for each tree will eliminate the need for long and resource-intensive download of the entire structure.

You can learn about the features of DN filters and see more examples of syntax on the 

User management

Security groups

LDAP synchronization

Technical documentation

Technical requirements

Online installation

Offline installation

Linux

Windows Server

Untitled

Ubuntu

Debian

Alma/Rocky/CentOS

Enabling SWAP file on Linux

Docker

Windows Server (PowerShell)

Manual code updates

Migration from installer to PowerShell

Installation migration

Passwork update

Define encryption mode

Windows Server (installer)

Linux (Git)

Passwork update to version 6.5

Initial data migration

Confirm migration in customer portal

Upgrade PHP to 8.3

Passwork update to version 7

Migration of Passwork database objects

Data migration in the Passwork web interface

Actions after migration

Migration to Passwork 7

Health check

Python connector

CLI utility

Docker container for CLI

API & Integrations

SSL Termination

Emergency mode

About config.env

Security settings

Security

Configuring Cron for Linux

Configuring Windows Task Scheduler

Background tasks

Configuring the Event Viewer

Events list from the Activity Log

Recording Activity log to Syslog or Event Viewer

Mailer config

Setting up mail notifications

In case of errors

MongoDB

Updating Passwork components

Mobile applications

Adding a server

Users

Groups

Synchronization

Test authorization

LDAPS setup

DN filters

LDAP settings

Configuring SSO with Keycloak

Configuring SSO with AD FS

Configuring SSO with Microsoft Entra ID (Azure AD)

SSO settings

Examples of creating and restoring MongoDB backups

Examples of authorization settings

Database

Standard installation

Manual installation

Administration

Passwork 6

Mapping LDAP security groups with roles in Passwork

Migration to Passwork 6

Passwork 5

How to update Passwork 4→5 version

Debian 10

Windows server 2016/2019

CentOS

Passwork 4

Update to Passwork 4

Passwork 3

Legacy

User manual

Passwork 6.1

Passwork 6.2

Passwork 6.3

Passwork 6.4

Passwork 7.0

Release notes

Help center