So far the only filter that could be used in the LDAP configuration was the configuration of the ldap.ldapUserObjectClass. Sometimes it is necessary to create more complex filters, e.g. to check for group memberships.
The new configuration is backwards compatible for the ldap.ldapUserObjectClass configuration but enables admins to change the filter to whatever they want.
A simple configuration in olat.local.properties would look like this:
A more complex like this: