AD does not allow anonymous access. The following settings are used to query AD.
ldap.user=uid=admin, ou=system
ldap.password=secret
To find your users you will have to set the base dn.
ldap.basedn=OU=employees,DC=work,DC=company,DC=com
In case you have multiple OUs containing users, you just move the basedn up a bit.
For example:
ldap.basedn=DC=work,DC=company,DC=com
It is very important that ALL user objects below the basedn have all attributes set. Otherwise it can lead to null pointers.
A 2nd option that I have not tested is to point the basedn to “DC=company,DC=com”, and use ldap queries.
Once LDAP is in the stable branch, I’ll do some testing and document some scenarios with AD and LDAP.
A 3rd option is to add an attribute to the user and create an ldap query to filter out those users.
A 4th option would be to put all flowable users in a group and create an ldap query to filter out those users.
I have a proposal: if you are not against it, I can provide you with freshly built ‘war’ files of Flowable now, or you can build them yourself using these step-by-step instructions created by me.
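
The 3rd and 4th options above (filtering by attribute or by group) and the warning about user objects with missing attributes, as an added example that is not from the original posts or from Flowable. The group DN, the marker attribute `employeeType`, the list of required attributes and the sample entries are all assumptions made up for illustration.

```python
import re

# Constructed sample data: names, DNs and attribute choices are assumptions.
GROUP_DN = "CN=flowable-users,OU=groups,DC=work,DC=company,DC=com"
REQUIRED_ATTRS = ("sAMAccountName", "givenName", "sn", "mail")
SAMPLE_ENTRIES = {
    "CN=Jane Doe,OU=employees,DC=work,DC=company,DC=com": {
        "sAMAccountName": "jdoe", "givenName": "Jane", "sn": "Doe",
        "mail": "jdoe@company.com"},
    "CN=svc-backup,OU=services,DC=work,DC=company,DC=com": {
        "sAMAccountName": "svc-backup", "mail": ""},
}
USER_CLAUSE = "(objectCategory=person)(objectClass=user)"

def escape_filter_value(value):
    """Escape the RFC 4515 special characters so a value cannot alter the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def group_filter(group_dn):
    """Option 4: only users that are direct members of one group."""
    return "(&%s(memberOf=%s))" % (USER_CLAUSE, escape_filter_value(group_dn))

def attribute_filter(attr, value):
    """Option 3: only users carrying a marker attribute."""
    if not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*", attr):
        raise ValueError("invalid attribute name: %r" % attr)
    return "(&%s(%s=%s))" % (USER_CLAUSE, attr, escape_filter_value(value))

def missing_attributes(entries, required=REQUIRED_ATTRS):
    """Map each DN to the required attributes that are absent or empty."""
    report = {}
    for dn, attrs in entries.items():
        missing = [a for a in required if not attrs.get(a)]
        if missing:
            report[dn] = missing
    return report

if __name__ == "__main__":
    print(group_filter(GROUP_DN))
    print(attribute_filter("employeeType", "flowable"))
    for dn, missing in missing_attributes(SAMPLE_ENTRIES).items():
        print("incomplete:", dn, missing)
```

Running the attribute check against the entries returned for a candidate basedn shows which objects (here a service account) would have to be completed or filtered out before the basedn is moved up.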