your ldap groups are the same as the bind entry. My settings are listed here. $config['auth_ldap_groupbase'] = "ou=Court Groups,ou=network,o=fca"; $config['auth_ldap_groups']['obsadmin']['level'] = 10;
perhaps you wanted $config['auth_ldap_groups']['obsadmin']['level'] = 10; $config['auth_ldap_groups']['obsuser]['level'] = 1;
where cn=obsadmin,OU=IT,OU=IF,OU=IS,OU=Standard,OU=Users,OU=AAAA,DC=BBBBB,DC=com and cn=obsuser,OU=IT,OU=IF,OU=IS,OU=Standard,OU=Users,OU=AAAA,DC=BBBBB,DC=com are groups
I use eDirectory, not AD, so i don't know if your prefix or suffix entries are right, but they seem strange. $config['auth_ldap_prefix'] = "cn="; $config['auth_ldap_suffix'] = ""; //leave empty to override default
thanks
Peter Hine Senior Technical Support Engineer (Servers) FCoA ITS peter.hine@familycourt.gov.au
********************************************************************** The information contained in this e-mail (including any attachments) is for the exclusive use of the addressee. If you are not the intended recipient please notify the sender immediately and delete this e-mail. It is noted that legal privilege is not waived because you have read this e-mail. **********************************************************************