I am in the process of upgrading to 10.8. I have installed a clean environment on new Windows 2019 servers. I am wanting to not use EEM going forward. But, I cannot get my LDAP configuration to search for groups. Single-user queries work.
Release : 10.8
After trying some new use cases, I determined that the group I was using for full access was not working. Then I determined that I could get other groups to work but others would not. So, after looking at the groups in AD I noticed that their cn name was different than the name I was using or seeing when I looked at my security groups. Then I started messing with the realms configuration. I have uploaded my working configurations.
Basically, I changed groupNameAttribute to sAMAccountName from cn. Now it can search for the group name provided by other security searches I use. Like "net user /domain <user>", etc...