Authenticated memberof group

Daniel McDonald daniel.mcdonald at
Tue May 2 18:36:10 EDT 2017

We'd like to limit who's logging into shibboleth based on not only their 
password, but if they're in a group as well.

I can return the "memberOf" attribute with a list of the users groups. I 
hoped that putting this in the ldap search filter would work but it didnt:


Could someone point me in the right direction here?


More information about the users mailing list