...
In 1.8.20 the new LDAP query interface allows AD to queried directly with matches rendered automatically as changes are made to the LDAP filter and required/expand attributes, here is a query showing the above:
Shows the LDAP filter configuration that must already exist, this defines the runtime configuration for distribution group filter (the LDAP filter (2) is used here instead to allow dynamic querying)
The LDAP filter that should be valid to match users within the BASE DN of the related LDAP configuration
The Expand Attributes are there to allow an attribute to be nominated that contains full Distinguished Name (DN) attribute values. With Active Directory, the member attribute is the one required
When a structurally valid LDAP filter is present (matching bracket count!) the LDAP query will be re-executed with every query change, there is also a manual refresh button in the Results section.
When a group LDAP entry is found, and it has an email address associated (the 'mail' attribute is defined in the LDAP config), actions are possible, currently this is a simple TEXT export of JIRA users found (more details later)
When an Expand Attribute like member is identified and contains full DN's, they will be expanded and listed. Here some default attributes like CN, sAMAccoutnName and mail attributes are listed in the concise view - they can be expanded to replicate the full view as shown in the top level record, and so on. There is a depth maximum of 50 defined in JEMH currently.
Users will be listed without actions
...
Configuring JEMH for runtime distribution list expansion
...