I think you would generate the permission based on your OU setting in AD dynamically in your custom realm. You should start with a custom realm, and maybe roles are even good enough for you, but you generate them dynamically in your realm, and not statically in your shiro.ini It’s hard to determine what the exact path you need to take with the limited information provided :)
> On Sep 7, 2024, at 1:14 PM, Andreas Reichel <andr...@manticore-projects.com> > wrote: > >> i