OBIEE - users from AD but only from few specific groups

0
votes

I want have in my OBIEE users from AD, but only members of few specific groups (where prefix group is OBIEE - e.g. OBIEE_DEV, OBIEE_PRD, OBIEE_RAP).

I tried in WebLogic Console -> provider Specific in field "All Users Filter:" use "(&(sAMAccountName=*)(objectclass=user)(MemberOf=cn=OBIEE*,OU=_Groups,DC=compa,DC=ad,DC=intra))" but it doesn't work.

OBIEE 12.2.1.4.0

Please help me

1
active-directoryldapobiee
"it doesn't work" - what does that mean? LDAP queries are LDAP queries, so if your query string is wrong, then it won't work.Chris
sorry, I pasted it wrong. I didn't use exit sign \ before *. In LDAP queries doesn't work sign *Adrian K

1 Answers

1
votes

Wildcards are not supported in the DN of a memberOf when searching AD. You can create a group into which you place all of our OBIEE groups (TopLevelOBIEEGroup in the example below) and then use a filter like:

(&(objectClass=person)(memberOf:1.2.840.113556.1.4.1941:=CN=TopLevelOBIEEGroup,ou=_Groups,dc=example,dc=com))

Or you can use an "or" operator within your filter to list the groups

(&(objectClass=person)(|(memberOf=cn=Obiee1,ou=_Groups,dc=example,dc=com)(memberOf=cn=Obiee2,ou=_Groups,dc=example,dc=com)(memberOf=cn=Obiee3,ou=_Groups,dc=example,dc=com)))