Hello,

it seems like there is no (obvious) support for using groupOfUniqueNames (with openLDAP) to sync groups and stream membership. Apparently the filter at the bottom (for only allowing certain user to log in I guess?) does indeed support it.

I am using the ou containing all group as the content of "group base dn" and tried
(&(cn=#{groupName})(uniqueMember=#{userdn})) and
(&(cn=#{groupName})(uniqueMember=#{username},ou=<full ou / dc path>))
for the filter itself.

Any idea what the correct syntax would be?