Hi Josh,
There is no concern with matching something else in AD so I used your first option.
(&(OU=Omero)(member=@{dn}))"
When I attempted to log in, the login failure says: Failed to log onto OMERO. Please check your user name and/or password or try again.
The Blitz-0.log shows the following.
Marker - Apr 16, 2012 12:14:47 PM
2012-04-16 12:14:49,135 INFO [ ome.services.util.ServiceHandler] (l.Server-0) Executor.doWork -- ome.services.sessions.SessionManagerImpl.executeCheckPasswordRO(jlbryants)
2012-04-16 12:14:49,136 INFO [ ome.services.util.ServiceHandler] (l.Server-0) Args: [null, InternalSF@325623314]
2012-04-16 12:14:49,136 INFO [ ome.security.basic.EventHandler] (l.Server-0) Auth: user=0,group=0,event=null(Sessions),sess=54b24107-f005-4377-ad8b-5e5485187501
2012-04-16 12:14:49,193 INFO [ org.perf4j.TimingLogger] (l.Server-0) start[1334592889136] time[57] tag[omero.call.success.ome.services.sessions.SessionManagerImpl$8.doWork]
2012-04-16 12:14:49,193 INFO [ ome.services.util.ServiceHandler] (l.Server-0) Rslt: true
2012-04-16 12:14:49,194 INFO [ ome.services.util.ServiceHandler] (l.Server-9) Executor.doWork -- ome.services.sessions.SessionManagerImpl.createSession
2012-04-16 12:14:49,194 INFO [ ome.services.util.ServiceHandler] (l.Server-9) Args: [null, InternalSF@325623314]
2012-04-16 12:14:49,211 INFO [ ome.security.basic.EventHandler] (l.Server-9) Auth: user=0,group=0,event=3915(Sessions),sess=54b24107-f005-4377-ad8b-5e5485187501
2012-04-16 12:14:49,215 WARN [ome.services.sessions.SessionManagerImpl] (l.Server-9) Exception while running executeDefaultGroup
ome.conditions.ValidationException: The user 52 has no default group set.
at ome.logic.AdminImpl.getDefaultGroup(AdminImpl.java:802)
at ome.services.sessions.SessionManagerImpl._getDefaultGroup(SessionManagerImpl.java:1216)
at ome.services.sessions.SessionManagerImpl.checkPrincipalNameAndDefaultGroup(SessionManagerImpl.java:763)
at ome.services.sessions.SessionManagerImpl.access$000(SessionManagerImpl.java:85)
at ome.services.sessions.SessionManagerImpl$2.doWork(SessionManagerImpl.java:305)
at sun.reflect.GeneratedMethodAccessor268.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at ome.services.util.Executor$Impl$Interceptor.invoke(Executor.java:440)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at ome.security.basic.EventHandler.invoke(EventHandler.java:150)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:231)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:116)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy64.doWork(Unknown Source)
at ome.services.util.Executor$Impl.execute(Executor.java:371)
at ome.services.sessions.SessionManagerImpl.createSession(SessionManagerImpl.java:300)
at ome.services.sessions.SessionManagerImpl.createWithAgent(SessionManagerImpl.java:252)
at ome.services.blitz.fire.SessionManagerI.create(SessionManagerI.java:173)
at Glacier2._SessionManagerDisp.___create(_SessionManagerDisp.java:92)
at Glacier2._SessionManagerDisp.__dispatch(_SessionManagerDisp.java:125)
at IceInternal.Incoming.invoke(Incoming.java:159)
at Ice.ConnectionI.invokeAll(ConnectionI.java:2037)
at Ice.ConnectionI.message(ConnectionI.java:972)
at IceInternal.ThreadPool.run(ThreadPool.java:577)
at IceInternal.ThreadPool.access$100(ThreadPool.java:12)
at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971)
2012-04-16 12:14:49,216 INFO [ org.perf4j.TimingLogger] (l.Server-9) start[1334592889194] time[22] tag[omero.call.exception]
2012-04-16 12:14:49,216 INFO [ ome.services.util.ServiceHandler] (l.Server-9) Excp: ome.conditions.ApiUsageException: Can't find default group for jlbryants
2012-04-16 12:15:00,018 INFO [ ome.services.blitz.fire.SessionManagerI] (3-thread-1) Performing requestHeartbeats
2012-04-16 12:18:00,014 INFO [ ome.services.blitz.fire.SessionManagerI] (3-thread-5) Performing requestHeartbeats