David Herselman

Recursive group membership not working for Office Mode

Discussion created by David Herselman on Sep 12, 2018
Latest reply on Sep 13, 2018 by Günther W. Albrecht

We defined an LDAP group referencing our AD:

Name: AD_vpn_access

Account Unit: ad.lair.co.za__AD

Group's scope: Only group in branch (DN prefix)

Prefix: CN=vpn_access,OU=Firewall,OU=Security Groups,OU=Syrex

 

We then link this through to the Mobile Access Office Mode settings:

 

Nested LDAP groups work perfectly for security policy firewall rules but VPN access is not granted unless members are direct members of the vpn_access AD security group.

 

Is this a bug, known limitation or is there a setting I should be changing somewhere?

Outcomes