hi, I try to get groupfilter working, but I don't get it. My base is: cn=accounts,dc=domain,dc=foo all our user accounts are there, now I created a separate group: cn=wiki,cn=admins,cn=groups,dc=domain,dc=foo # ldapsearch -x -h ldap -b n=wiki,cn=admins,cn=groups,dc=domain,dc=foo dn: cn=wiki,cn=admins,cn=groups,dc=domain,dc=foo objectClass: myGroup cn: wiki member: cn=user1,cn=accounts,dc=domain,dc=foo member:cn=user2,cn=accounts,dc=domain,dc=foo member: cn=user3,cn=accounts,dc=domain,dc=foo I want that only users have access, which are in the group wiki. I tried several filters, but no one was working: localconf.php $conf['auth']['ldap']['server'] = 'ldap'; $conf['auth']['ldap']['version'] = '3'; $conf['auth']['ldap']['usertree'] = 'uid= %{user},cn=accounts,dc=domain,dc=foo'; $conf['auth']['ldap']['grouptree'] = 'cn=wiki,dc=admins,dc=groups,dc=rbg,dc=domain,dc=foo'; $conf['auth']['ldap']['groupfilter'] = '(&(member= %{dn})(objectClass=*))'; $conf['auth']['ldap']['debug'] = '1'; does anybody now, what my problem is? cu denny