LDAP User advanced search query

Hi All,

I have a question… Hopefully its an easy one to anwser.

I have setup my env to use LDAP authentication. However i would like to further filter to not allow all ldap users to login but enforce that the user exists and belong to at least one listed security group…

              - myldap.blah:636
            bind_dn: "CN=......com"
            password: "*********"
            userbase: "OU=Users,*****,DC=com"
            **usersearch: '(SAMACCOUNTNAME={0})'**
            username_attribute: "SAMACCOUNTNAME"

With the highlight text above… How to i do an advanced filter where samaccountname={0} and member of sec group before allowing login?



PS. Sorry newbie! if this is a silly question.

@timothy.sing If I understand you question correctly it is not possible as of yet.
Any user that successfully authenticates via LDAP will have access to Opensearch, but no roles will be provided, therefore no privileges to read/write.
There is already a ticket for this here
Perhaps bumping this ticket up with a comment might be a good idea