Nested Group Search in LDAP Authentication
Nested group search is a new feature added to Windows AD server when the LDAP server’s settings have group-member-check set to user-attr. After authentication succeeds, fnbamd gets groups from user attributes and repeats LDAP queries on the groups until reaches the top layer.
Syntax
config user ldap
set search-type nested
end