How to Create User Groups with LDAP Queries in Workspace ONE
One of the powerful ways that you can use User Groups in Workspace ONE is by creating user groups based on LDAP criteria. Let’s walk-through how to do this easily.
- Navigate to Accounts > User Groups > List View and click Add > User Group
2. Click “Custom Query” and add some Custom Logic e.g. locations, departments, names, email addresses, or different AD attributes. We will cover that more in detail in the notes after. For now, we will take people in the Dedham Office that are in Information Technology.
3. Once your query is returned the desired number of users, I suggest clicking on “Custom” under User Group Settings and setting your desired settings for the group before you click “Save”
When creating LDAP groups, you can do it in a few different ways. The typical syntax looks like this:
If you want to be a bit more advanced, you can do everyone in a department that also has a specific title:
One other one that I also use is concatenation, which is gives you the people for BOTH attributes not just someone who meets both e.g. everyone in a department OR with a title:
It’s important to do a bunch of testing because you will find with LDAP that not every attribute works with LDAP queries, such as domains. Many of them will work and this can be a very powerful way to deploy things to your users.