Saviynt Forums

Robbe_Cronos · ‎04/24/2023

We have a use case where we only want to import groups of 2 OUs in OpenLDAP.

There are 5 group OUs: ou1, ou2, ou3, ou4 and ou5. How would we go about only importing groups from ou1 and ou2? The searchfilter does not help as this can only contain 1 specific group ou.

Thank you!

sudeshjaiswal · ‎04/25/2023

Hello @Robbe_Cronos,

In the Connector groupImportMapping, you need to add the advanceGroupFilter for the OU's as shown in the sample below.

{

"importGroupHierarchy": "true",

...

"groupObjectClass": "(objectclass=group)",

"advanceGroupFilter":{"memberOf":{

"OU=ABC,DC=saviyntlabs,DC=org": ["(&(objectClass=group))"],

"OU=XYZ,DC=saviyntlabs,DC=org": ["(&(objectClass=group))"]}},

"mapping":

"memberHash:member_char,entitlement_value:distinguishedName_char,

....

}

https://docs.saviyntcloud.com/bundle/AD-v23x/page/Content/Configuring-the-Integration-for-Importing-...

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Robbe_Cronos · ‎04/25/2023

it seems we had a small typing error in our advanceGroupFilter, it works correctly now.

Thank you!

Manu269 · ‎04/25/2023

Can you try below option :

"advanceGroupFilter":
{"memberOf":
{"OU=TestGroups,DC=XXXX,DC=XX":
["(&(objectClass=group)(displayName=ABC))"],
"OU=XYZ,DC=XXXX,DC=XXX": ["(&(objectClass=group))"]
}

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

Saviynt Forums

Importing only specific groups OpenLDAP