Hi, ext_ldap_group_acl is working to authorize users, i.e. check that authenticated users belong to a specific LDAP group. However, in the AD backend, there groups with groups. this scripts seems to only check the first level. Is there a way of authorizing against a nested AD group, on linux? Seems like more of an openldap issue? There is ext_ad_group_acl, but thats only for Windows servers. Maybe one needs to do an SQL query based on ext_sql_session_acl? Thanks in advance, Sean Boran
