In Elasticsearch I'm trying to make it's user_search.filter take users from a specified OU (not groups, just the users contained in this OU). It should work like a regular LDAP Query.
So far I've come up with the following:
(&(objectClass=user)(samaccountname=*)(OU=ES Users,OU=app_users,DC=app
,DC=domain,DC=com))
Unfortunately that does not return any results and I'm not sure why.
If you want to list all user entries with a dn built under the base "OU=ES Users" (as a container) you need to use OU=ES Users,OU=app_users,DC=app,DC=domain,DC=com as the search base dn.
For Active Directory user authentication in Elasticsearch, this means the following :
user_search.filter: (&(objectClass=user)(samaccountname=*))
user_search.base_dn: OU=ES Users,OU=app_users,DC=app,DC=domain,DC=com