Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/12/2022 01:10 PM
Hi Team,
Is there a way to import users only from specific OUs from Active Directory?
we have a requirement where the OU structure is as below:
Root OU: DC=Example,DC=com
Other OUs within root: DC=Example1,DC=com, DC=Example2,DC=com, DC=Example3,DC=com
from the above example, if we want to just import users from Example1, Example2 and not from Example3.
Is it possible to use the filter in SEARCHFILTER field of Active Directory connector?
Any help would be highly appreciated.
Thank you,
Mridul
Solved! Go to Solution.
04/12/2022 02:30 PM
Hi Mridul,
Greetings!!
This is doable.At the meantime, It allows you to bring data from a single OU selection.
Thanks & Regards,
Anand Kumar Jha
04/12/2022 02:30 PM
Hi Anand,
Thanks for the response. Does that mean it is not currently supported to import users from multiple OUs at this time?
Thanks,
Mridul
04/12/2022 02:30 PM
Hi Mridul,
The SearchFilter parameter of Active Directory connector is the starting point in the application where you want to import accounts. From this it will include all the accounts based on the ObjectFilter criteria.
Regards,
Adrien
04/12/2022 02:30 PM
what about handle specific OU's in multiple child domains within a single forest?
04/12/2022 02:30 PM
Team,
Any update of the above query , Please as we do have same requirement and need to apply in the SEARCHFILTER.
Is this supported in the latest ECM version ? and if it is then how can we achieve this !
04/12/2022 02:30 PM
As far as I know, AD does not support using DN with wildcards in searchfilter, and this would probably need some custom LDAP connection library to be used from Saviynt side. So Saviynt AD connector is currently using standard LDAP connectivity and following standards and it would need custom/special configuration to support the functionality to make queries to multiple locations, probably easies way would be to run several LDAP queries against each location specified in some parameter in the connection.
But I also think that this feature would be useful and would have been beneficial in several implementations I have been working on.