Graylog doesn't map AD Groups

I have Graylog 2.3.2 successfully authenticating users against an AD Server. But I can’t map groups. I know this topic appeared before, but haven’t found any successful solution.

ServerType: AD
Server Address: ldap://srvdc01:389

USER MAPPING
BaseDn: ou=Usuarios,DC=company,dc=net
Search Pattern: (saMAccount={0})
Display Name Attribute: DisplayName

GROUP Mapping
GroupSearch Base DN: ou=Seguridad,ou=Grupos,DC=company,dc=net
Group Search Pattern (&(objectClass=group)|((cn=AppsDESA)(cn=GRO)))
Groupname Attribute: cn

I've tested with a simpler search pattern, just objectClass=group, without success.

Are you 100% sure that the groups are located in the right OU?
Because by default AD groups are located under cn=user,dc=company,dc=com

Another issue I see is that you use a bad group search pattern; your pattern should be:
(&(objectClass=group)(|(cn=Apps DESA)(cn=GRO)))

You should always check whether your LDAP filter is right. The easiest way is to open the MMC console Active Directory Users and Computers - Saved Searches - New query. In your case, try to simulate your query, filling in the fields like this: Query root: browse OU Seguridad under OU Grupos. After that click Define Query… In the Find select box choose Custom search and in the Advanced tab insert your query. Click OK. Then try to find your groups - click Refresh if you change something in the query. That way you can check whether your query is OK.
The last step will be to insert the query in Graylog.

Also check these great articles:
https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
https://confluence.atlassian.com/kb/how-to-write-ldap-search-filters-792496933.html

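As an added example (not code from the original thread, from Graylog or from Microsoft), the following Python script parses an LDAP search filter in RFC 4515 syntax and evaluates it against a few constructed group entries, so the operator-placement mistake in the original filter can be caught offline before the pattern is pasted into Graylog's "Group Search Pattern" field. The sample entries, the helper names (`parse_filter`, `matches`, `find_groups`, `check_filter`) and the subset of the filter grammar supported are all constructed for this example; treating cn and objectClass values as case-insensitive is an assumption about AD's matching rules for those attributes.

```python
"""Offline LDAP search-filter checker (RFC 4515 subset: &, |, !, equality
and presence assertions). Written as an added example for this thread;
it is not Graylog's or Microsoft's code."""


class FilterError(ValueError):
    """Raised when a filter string is not syntactically valid."""


def parse_filter(text):
    """Parse a complete filter string into a tree of tuples."""
    pos, node = _parse(text, 0)
    if pos != len(text):
        raise FilterError(f"trailing characters at offset {pos}: {text[pos:]!r}")
    return node


def _parse(text, pos):
    """Parse one parenthesised filter component starting at text[pos]."""
    if pos >= len(text) or text[pos] != "(":
        raise FilterError(f"expected '(' at offset {pos}")
    pos += 1
    if pos >= len(text):
        raise FilterError("unexpected end of filter")
    op = text[pos]
    if op in "&|":
        # Operands of & and | must each be a parenthesised component,
        # so '(&(a=1)|(...))' fails here: '|' is not a valid operand.
        pos += 1
        children = []
        while pos < len(text) and text[pos] == "(":
            pos, child = _parse(text, pos)
            children.append(child)
        if not children:
            raise FilterError(f"'{op}' at offset {pos} has no operands")
        node = (op, children)
    elif op == "!":
        pos, child = _parse(text, pos + 1)
        node = ("!", [child])
    else:
        end = text.find(")", pos)
        if end == -1:
            raise FilterError(f"missing ')' for assertion starting at offset {pos}")
        item = text[pos:end]
        if "=" not in item:
            raise FilterError(f"assertion {item!r} has no '='")
        attr, value = item.split("=", 1)
        if not attr or "(" in attr or "|" in attr or "&" in attr:
            raise FilterError(f"bad attribute name in {item!r}")
        node = ("=", attr.lower(), value)
        pos = end
    if pos >= len(text) or text[pos] != ")":
        raise FilterError(f"expected ')' at offset {pos}")
    return pos + 1, node


def matches(node, entry):
    """Evaluate a parsed filter against an entry (dict attr -> list of values).
    Attribute names and values are compared case-insensitively (assumption:
    this mirrors AD behaviour for cn and objectClass)."""
    kind = node[0]
    if kind == "&":
        return all(matches(child, entry) for child in node[1])
    if kind == "|":
        return any(matches(child, entry) for child in node[1])
    if kind == "!":
        return not matches(node[1][0], entry)
    _, attr, value = node
    values = [v.lower() for k, vs in entry.items() if k.lower() == attr for v in vs]
    if value == "*":          # presence assertion, e.g. (cn=*)
        return bool(values)
    return value.lower() in values


# Constructed sample entries standing in for objects under the group OU.
SAMPLE_ENTRIES = [
    {"cn": ["AppsDESA"], "objectClass": ["top", "group"]},
    {"cn": ["GRO"], "objectClass": ["top", "group"]},
    {"cn": ["Ops"], "objectClass": ["top", "group"]},
    {"cn": ["svc-graylog"], "objectClass": ["top", "person", "user"]},
]


def find_groups(filter_text, entries=SAMPLE_ENTRIES):
    """Return the cn of every entry the filter selects."""
    node = parse_filter(filter_text)
    return [entry["cn"][0] for entry in entries if matches(node, entry)]


def check_filter(filter_text):
    """Return (True, 'ok') for a well-formed filter, else (False, reason)."""
    try:
        parse_filter(filter_text)
        return True, "ok"
    except FilterError as exc:
        return False, str(exc)


if __name__ == "__main__":
    for candidate in ("(&(objectClass=group)|((cn=AppsDESA)(cn=GRO)))",
                      "(&(objectClass=group)(|(cn=AppsDESA)(cn=GRO)))"):
        ok, reason = check_filter(candidate)
        print(candidate, "->", reason if not ok else find_groups(candidate))
```

Run it and the first filter (the one from the original post) is rejected with a parse error pointing at the stray `|`, while the corrected filter selects exactly the two groups; `(objectClass=group)` on its own selects all three group entries and skips the user object. The same tree can be reused to try variants such as `(&(objectClass=group)(!(cn=GRO)))` before touching the Graylog configuration.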

@atarallo

First check what @shoothub wrote, and in addition you might want to move away from this ancient version. I do not know how well that LDAP group mapping worked in that version …
