issue of group right Permission,

[lihuilixin]

Hello, Here is my setup: ldap_server ad{

url "ldap://192.168.99.174/ou=it,dc=lihui,dc=intern?uid?sub?(objectClass=persiona)";

    url "ldap://192.168.99.174/ou=it,dc=lihui,dc=intern?sAMAccountName?sub?(objectClass=person)"
    binddn "cn=a1,ou=it,dc=lihui,dc=intern";
    binddn_passwd "123";
    group_attribute member;
    #group_attribute uniquemember;
    group_attribute_is_dn on;
    satisfy all;
    require group "cn=k4allow,ou=it,dc=lihui,dc=intern";
    #require valid_user;
  }

background is : user a1 ,a2 ,a3 only belong to the group k4allow,(cn=k4allow,ou=it,dc=lihui,dc=intern)

but a4 main belong to a other group ,but also belong the group k4allow,I think this is common in many company,which my idea is I want create a new group,if exist user want to have right to login the nginx web ,just add them into this new group, BUT,in my case ,I use the above configuration,a1,a2,a3,can longin ,but a4 can not,who can help me ,is there something bad setup in my configuration?Think you all very much

[wanggaolin]

Your configuration can be achieved only by allowing the k4allow group to log in?