1. Home
  2. Transact
  3. System Configuration
  4. User Connectivity
  5. Active Directory Resources
  6. Multiple Groups as Roles in Active Directory

Multiple Groups as Roles in Active Directory


Customer would like to add multiple groups from Active Directory as roles in Ephesoft.



When you set up the file, you have the ability to add multiple groups in the roles used for restricting Batch Classes in Ephesoft.


In the file, this is controlled in the ‘user.msactivedirectory_group_search_filter=’ option. The following is an example of a value for this option which allows all Active Directory groups that start with ‘Ephe’ such as groups EphesoftAdmins, EphesoftUsers, EpheOperator, etc… It also includes all groups that start with ‘Operator’.

[blockquote float=”left”]user.msactivedirectory_group_search_filter=(|(cn=Ephesoft*)(|(cn=Operator*)))[/blockquote]



This field uses the following switches:

[blockquote float=”left”]# filter can have |(OR), &(AND) and !(NOT)
# | (|(cn=a*))
# & (&(cn=a*))
# ! (!(cn=a*))[/blockquote]






When creating a group search filter, a few things are required:

  1. Include the switch option for or ‘|’ in front of all groups which you would like included.
  2. Place each option in parenthesis and include the whole list in a set of parenthesis.
  3. It is best not to include spaces in the list of options.

Was this article helpful to you? Yes No