Active directory - Allow active directory authentication only to a certain group

damien.ak · August 18, 2025, 2:08pm

Good day,

We are trying to configure Active Directory (licenced) with a specific base DN with these restrictions:

base dn pointed to:
- DC=myAD,DC=ORG
main users are located in:
- OU=main-entity,OU=group-name,DC=myAD,DC=ORG
other users can be located in:
- OU=entityX,OU=CUSTOMERS,DC=myAD,DC=ORG

Our goal is to allow access to main users & to specific users in others OU (#3)

I tried this setup

Allow active directory authentication only to a certain group:
- CN=GRP-XWIKI,OU=CUSTOMERS,DC=myAD,DC=ORG

Where the security group GRP-XWIKI contains members who are not in the same OU (main users and other users in different location (entityX)).

The restriction on the group authentication does not seem to apply. Is there anyone to assist?

Thank you for your help.

Damien

nikpetrenko · August 19, 2025, 7:25am

Hello Damien,

Welcome to XWiki community forum,

It’s totally fine to ask for help or start a discussion, but your message contains one key word (licensed), which directly refers to a pro extension. Asking for help or support with that on the community forum is not the most appropriate place. If you’ve purchased the extension, your license includes a support contract for professional help from XWiki SAS.

damien.ak · August 19, 2025, 11:23am

Hello, thanks for your reply. I will do so.