Hi all, I've been able to set up an LDAP connection such that Apache CloudStack (4.19.1.2) can query our LDAP environment. However, it's a large organisation and if I set my basedn variable to the root of the LDAP tree, it'll seriously take forever to try to add a single account. It looks as though it's loading the entire LDAP tree into your browser and then runs the query locally and you can easily wait for 5-10 minutes with nothing happening if your browser doesn't crash in the meantime. I can limit this by lowering my basedn and going down a couple of organizations down the line but if I do that, I might be able to add users from one particular organization but not another... unless I create different domains, one for each organization which to me feels kind of clunky. What would be the appropriate method here to be able to add accounts from an LDAP tree that contains hundreds of thousands of users and still be able to add an LDAP account within an appropriate amount of time?
Another question which I haven't been able to properly figure out is whether it's possible to add an AD group as an account and assign it a particular role. Basically, have a group of administrators in AD and assign that particular group the root admin role. What would be the steps to do that? (provided that's possible) Kind regards, Jeroen Kleijer
