Got word from support (thanks Curtis!):
If you wanted to pull in everyone you currently have in LDAP search here...
ldap.searchFilter = (&(sAMAccountName=)(memberOf=cn=Clearspace_Users, ou=Security_Groups,dc=mjmcreative,dc=com))
Just remove the bold values in these fields during the setup process. (By stopping clearspace & setting the <setup>false</setup> )
ldap.groupDescriptionField = *description *
ldap.groupMemberField = *member *
ldap.groupNameField = *cn *
With those group settings blank Clearspace will bring in all of the users within the restricted search filter you have assigned.
One more adjustment here --
We figured out why the group-filtered user list wasn't prepopulating -- our control group was in Security_Users, not the Users container. It was working for authentication but not for the group filter.
ldap.baseDN = dc=mjmcreative,dc=com -- note that Users is now omitted
ldap.searchFilter = (memberOf=cn=Clearspace_Users, ou=Security_Groups, dc=mjmcreative,dc=com) -- leaving CU group in Security_Groups
ldap.groupSearchFilter = (&(objectCategory=group)(name=Clearspace*))
At this point it seems to be behaving as expected. Users who don't reside in the Users OU are also showing up.
sort of unrelated question. I'm new to clearspace and still trying to figure out the in's and out's of the product. I went through the setup wizard and configured ldap authentication. I'm new to my company so I don't know how the ldap groups are structured so for the time being I left groups as local(instead of ldap).
First, the config file that you posted(the one with the ldap info). Where does that live within tomcat? I'm using clearspace 2.5.1 standalone. I'd like to be able to take a look at the raw configs that the wizard generated for me.
Second, is there a way to get clearcase to look at LDAP for group membership(and assign communities/spaces those group memberships)?
TIA for the help.