We have users whose user accounts are part of different OUs, but part of same AD group that is used for ACL rule. Currently, because of this, we are setting up 2 separate LDAP configuration and 2 separate ACL block so that we can support both type of users.
First LDAP configuration has below in search_user_base_DN setting.
Second one has below.
Is there any alternative way to set this up, so that I don’t have to duplicate this? If currently there is no alternative, can we look at adding a feature, where I can provide multiple values for the base DN as part of a single LDAP configuration? We also have another group who will have to be provisioned whose user account are part of a 3rd OU. So having this ability to provide multiple user base DN will help to simplify the ACL rules.