
How to filter group objects residing in sub containers during AD group import

jbirkmeier
New Contributor

I have a requirement to filter out all group objects in sub containers when the AD import job is run.

Example:

The AD connector groupSearchBaseDN is set to "OU=groups,DC=dev,DC=xyz,DC=com".  This is needed in order to import all of the required groups within OU=groups.

The AD directory structure under "OU=groups,DC=dev,DC=xyz,DC=com" also has multiple sub containers like OU=service,OU=groups....

My requirement is to not import any of the AD group objects in the sub containers under OU=groups... like CN=application,OU=service,OU=groups.

How can I filter out the sub containers? Thanks!


Belwyn
Saviynt Employee

Hi @jbirkmeier

Thank you for reaching out to us.

Is your use case something like this: you have a group like OU=groups,DC=dev,DC=xyz,DC=com, this group has nested groups in it, and you do not wish to bring them in? Is this the correct understanding?

Thanks & Regards, 
Belwyn.

Thanks for the reply Belwyn. My scenario does not involve "nested" groups. My goal is to not import groups that reside in sub containers under the OU=groups parent container.

rushikeshvartak
All-Star

You can use a filter condition based on an attribute of the group to achieve your requirement. Whichever groups you want to pull, add them to the object filter, or use the group's unique attribute.

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Thank you for the reply Rushikesh.  Your suggestion sounds like it would work, but adds an extra layer of complexity and management that I was hoping to avoid. 

IGA tools bring standardization, hence this will be a one-time activity, and for a new group the same can be followed either by the AD admin or via Saviynt (if group management is used) while creating the user group.


Regards,
Rushikesh Vartak
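
An added example, not part of the original thread and not Saviynt configuration: a Python helper for auditing an exported list of group DNs, separating groups that sit directly in the groupSearchBaseDN container from those in sub containers (for instance, to decide which groups should carry the attribute used in an attribute-based filter). The function names and the sample DNs other than the ones quoted in the question are constructed for illustration.

```python
def split_dn(dn):
    """Split a DN into RDNs, honoring backslash-escaped commas (RFC 4514)."""
    rdns, cur, esc = [], [], False
    for ch in dn:
        if esc:                      # character after a backslash is literal
            cur.append(ch)
            esc = False
        elif ch == "\\":
            cur.append(ch)
            esc = True
        elif ch == ",":              # unescaped comma ends the current RDN
            rdns.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    rdns.append("".join(cur))
    # AD compares DNs case-insensitively, so normalize before comparing.
    return [r.strip().casefold() for r in rdns if r.strip()]

def depth_below(base_dn, dn):
    """RDN count between dn and base_dn, or None if dn is not under base_dn."""
    base, parts = split_dn(base_dn), split_dn(dn)
    extra = len(parts) - len(base)
    if extra < 1 or parts[extra:] != base:
        return None
    return extra

def partition_groups(base_dn, group_dns):
    """Return (direct_children, everything_else) for the given base DN."""
    keep, skip = [], []
    for dn in group_dns:
        (keep if depth_below(base_dn, dn) == 1 else skip).append(dn)
    return keep, skip

BASE_DN = "OU=groups,DC=dev,DC=xyz,DC=com"   # from the question
SAMPLE_DNS = [                                # constructed sample data
    "CN=finance,OU=groups,DC=dev,DC=xyz,DC=com",
    "CN=application,OU=service,OU=groups,DC=dev,DC=xyz,DC=com",
    "CN=Sales\\, EMEA,ou=Groups,dc=dev,dc=xyz,dc=com",
    "CN=hr,OU=other,DC=dev,DC=xyz,DC=com",
]

if __name__ == "__main__":
    keep, skip = partition_groups(BASE_DN, SAMPLE_DNS)
    print("directly in base container:", *keep, sep="\n  ")
    print("in sub containers or outside base:", *skip, sep="\n  ")
```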