Large number of groups in our directory

We have just finished the installation of PassBolt in our structure and wish to import OpenLDAP groups in it. We have a problem related to the large number of groups in our directory. Is it possible to apply a filter other than the “Parent group” in the PassBolt configuration so that it does not show all the groups?

Hey @Jerome welcome to the forum!

If you are only configuring via the webpage you won’t have that option. If you use the configuration file route you’ll have that option. You can find an example file under /etc/passbolt/ldap.default.php

The block most relevant to your question is:

                // Group custom filters. Build advanced query filters to retrieve groups.
                // Doc:
                // 'groupCustomFilters' => function(LdapQueryBuilder $query) {
                //     return $query;
                // }

You’ll want to edit that file to have you connection information and then disable LDAP in the UI, then move that file to /etc/passbolt/ldap.php

Once that is done you’ll want to do the simulation and testing, you’ll have to use the command line for this as the webpage interface won’t be an option with the config file. The command you’ll want for this is:
su -c "/usr/share/php/passbolt/bin/cake directory_sync --help" -s /bin/bash www-data (might be nginx instead of www-data depending on your installation)

This will show you the options for the directory_sync command. You’ll likely want to use test and debug before actually running the sync.

Can you give me a concrete example of using CustomFilters that works?
We’ve tried several things without success, we get the following error: Passbolt\DirectorySync\Utility\DirectoryOrgSettings::{closure}() must be an instance of LdapQueryBuilder, instance of LdapTools\Query\LdapQueryBuilder given, called in /usr/share/php/passbolt/plugins/PassboltEe/DirectorySync/src/Utility/LdapDirectory.php

Hello @Jerome
Please contact us at, so we can investigate to help you with this issue.

Thanks in advance