I have LDAP properly setup for Users and they are able to authenticate. I also setup LDAP Groups and all test appear to be working as expected. When I attempt to create new security awareness training and test the LDAP connection for a given user I get the following message:
Using your LDAP Auth connector we pulled the list of groups for this user and could not find the groups you selected for this awareness program. Check your LDAP connectors and try again.
See screenshots of the error and LDAP configurations.
Awareness LDAP Error Message:
LDAP - User Auth Config
LDAP User Test
LDAP - Group Auth Config
LDAP - Group Members Test
LDAP - Group List Test
Is best if you raise a support case so you dont have to share too much info on your particular setup, but im pretty sure your problem is related to this:
have a look, if you struggle with the damn LDAP protocol we can try helping you remotely!
Thanks, I’ll open a support case. The guide is in need of some reconciliation. I see a lot of flip flopping between field values in the guide. For example: using the query in the image below will result in the following query being sent to LDAP since the query will be assigned to the value %GROUP%. There is also flip-flopping between distinguedName and sAMAccountName which makes this guidance difficult to replicate.
Every LDAP setting is different, the guide is meant to explain the typical configuration issues! Send out a support case with the full details and we’ll try to help you out.
I figured out the issue. Both the documentation and the guidance on the LDAP configuration page contains errors. Both advise you to put “CN=%GROUP%” in the “filter to get members of a group” field but this means that if you %GROUP% variable also contains a “CN” the query will end up looking like “CN=CN=USER,OU=PATH,DC=CORP”. See screenshot below.