Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Need to exclude a global LDAP group

Glenn Engel1
Glenn Engel October 11, 2012

We are planning on switching our confluence instance to use LDAP but we need to exclude some company wide AD groups in the process as they have the same name as some confluence groups such as 'confluence-administrators'.

I am trying to achieve this via a search filter but nothing I have tried works.

This is one filter I tried but the system won't even start with this filter.

<groupsearchfilter>(&(objectClass=group)(!(dn:=confluence-administrators)))</groupsearchfilter>

Can you advise on the proper syntax to achieve excluding a group?

Thanks.

Answer
Watch
Like Mo Beigi likes this
2545 views

4 answers

1 accepted

1 vote
Answer accepted
Septa Cahyadiputra
Septa Cahyadiputra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 11, 2012

Hi Tony, and Glenn,

Try to replace & to &amp and see how it goes. So your filter should be somthing like this

(&amp;amp;(objectClass=group)(&amp;#33;(cn=confluence-administrators)))
(&amp;amp;(objectClass=group)(&amp;#33;(dn:=confluence-administrators)))

Hope it helps.

Cheers,
Septa Cahyadiputra

Reply
1 vote
Tony Tony6
Tony Tony October 12, 2012

Finally got it. The example from Septa was just ONE character off. Finally found the help I needed here :

https://confluence.atlassian.com/display/DEV/How+to+write+LDAP+search+filters

Here was the filter that worked, again, Septa was very close!

(&amp;(objectClass=group)(&#33;(cn=confluence-administrators)))

Thanks to all for the help.

View More Comments
Septa Cahyadiputra
Septa Cahyadiputra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 12, 2012

ah I missed a semicolon there :(. Anyway, great to hear that you have find the resolution on your end.

I modified my Answer so that other user won't fall to the same trap :P.

Cheers,
Septa Cahyadiputra

Like
Reply
0 votes
Tony Tony6
Tony Tony October 11, 2012

Still not having any luck. I am starting to think the version of Confluence that we have is not able to accept complex filters. If I make any changes to the filter at all, Confluence wont even start. I am going to enable debug level logging and see where that gets me.

Reply
0 votes
Tony Tony6
Tony Tony October 11, 2012

FYI, the Confluence vesion is 3.1.1

I tried the same filter, well close

(&(objectClass=group)(!(cn=confluence-administrators)))

from the command line using Sun's ldapsearch and it worked fine. However, when I add this filter to the XML config file as shown above, Confluence wont even start.

Any ideas?

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events