Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Import users only from specific OUs from Active

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 22 2020 at 07:13 UTC

Hi Team,


Is there a way to import users only from specific OUs from Active Directory?


we have a requirement where the OU structure is as below:


Root OU: DC=Example,DC=com

Other OUs within root: DC=Example1,DC=com, DC=Example2,DC=com, DC=Example3,DC=com



from the above example, if we want to just import users from Example1, Example2 and not from Example3.



Is it possible to use the filter in SEARCHFILTER field of Active Directory connector?


Any help would be highly appreciated.


Thank you,

Mridul

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
6 REPLIES 6

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 22 2020 at 11:30 UTC

Hi Mridul,


Greetings!!


This is doable.At the meantime, It allows you to bring data from a single OU selection.


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 23 2020 at 06:51 UTC

Hi Anand,


Thanks for the response. Does that mean it is not currently supported to import users from multiple OUs at this time?


Thanks,

Mridul

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 25 2020 at 15:58 UTC

Hi Mridul,

The SearchFilter parameter of Active Directory connector is the starting point in the application where you want to import accounts. From this it will include all the accounts based on the ObjectFilter criteria.

Regards,

Adrien

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on February 16 2021 at 16:30 UTC

what about handle specific OU's in multiple child domains within a single forest?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on April 28 2021 at 06:02 UTC

Team,


Any update of the above query , Please as we do have same requirement and need to apply in the SEARCHFILTER.

Is this supported in the latest ECM version ? and if it is then how can we achieve this !

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on April 29 2021 at 07:54 UTC

As far as I know, AD does not support using DN with wildcards in searchfilter, and this would probably need some custom LDAP connection library to be used from Saviynt side. So Saviynt AD connector is currently using standard LDAP connectivity and following standards and it would need custom/special configuration to support the functionality to make queries to multiple locations, probably easies way would be to run several LDAP queries against each location specified in some parameter in the connection.


But I also think that this feature would be useful and would have been beneficial in several implementations I have been working on.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.