Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Excluding accounts from a particular OU during the account import - AD Connector

sreehariv
New Contributor III
New Contributor III

‎02/14/2023 03:14 AM

Hello Team,

We have a requirement to import all accounts from active directory excluding  the accounts from a particular OU. 

We are trying to achieve this through Active Directory connector (single domain).

We can see "Object filter" and the other is "Advance_Filter_Json" configurations where as we use Object filter to filter the objects based on the conditions such as (&(objectCategory=person)(objectClass=user)(sAMAccountname=*) to filter the objects which are of type user and we use Advance_Filter_Json when we want to import accounts from few particular OUs.

 

since our requirement is to exclude only one particular OU we have tried using object filter with adding that ou in the condition based on the ldap search filters but it didn't worked out. 

so we were thinking to list all the ous except the one in Advance_Filter_Json configuration. 

 

Please suggest the best and suitable approach to achieve this requirement

Thanks

Sreehari

Labels:
0 Kudos
1 REPLY 1

SB
Saviynt Employee
Saviynt Employee

‎02/14/2023 09:03 AM - edited ‎02/14/2023 09:03 AM

One way is as you mentioned - to define the list of OU that you wish to import the data from. Alternatively, you can also try the below to exclude the accounts from the OU (abc); you do not wish to import under AccountFilter.

(&(objectCategory=person)(objectClass=user)(sAMAccountName=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(ou=abc)))

Please note: If you use Advance_Filter_JSON it will ignore the values defined in Search and Object filter.

 


Regards,
Sahil
0 Kudos
Copyright © 2024 Khoros, LLC