This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Multiple OUs to import AD account

Ankyt19
Regular Contributor
Regular Contributor

‎09/15/2022 03:04 AM

Hi Team,

Can we use 2 OUs in search filter to import accounts from ?We have 2 OUs one for active accounts and another for inactive ( inactive accounts is a part of root DN in AD ) but we cant use root DN as other OUs are not required to be part and they belong to other connection import .

Example: ABC.XYZ.com is AD 

We need OU=activeusers,DC=ABC,DC=XYZ,DC=COM and also OU=inactiveusers,DC=ABC,DC=XYZ,DC=COM accounts to be imported to same endpoints/connection .

Please let me know if any possibility or workaround with syntax ?

@JSON @rushikeshvartak  #JSON #Endpoint #Saviynt #SSM  #activeDirectory 

@avinashchhetri  @ashisht @Neeharika  @Harish_Yara @VikramIngale 

Thank you

Ankit

0 Kudos
9 REPLIES 9

rushikeshvartak
All-Star
All-Star

‎09/15/2022 04:26 AM

Use Advance_filter_json

{"AdvanceFilter":{ "OU=Administration,DC=saviynt,DC=net": [ "(objectClass=*)" ], "OU=Admin,DC=CORP,DC=saviynt,DC=net": [ "(objectClass=*)" ] }}

 

 

https://saviynt.freshdesk.com/support/solutions/articles/43000615764-active-directory-ad-connector-g...


Regards,
Rushikesh Vartak

Ankyt19
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎09/15/2022 06:26 AM

Thanks

I checked that only in AD connector guide as well

Ankyt19_0-1663248246119.png

 

Will try .

Also any idea how we can differentiate/custom correlation rule ?

 

Like a a part of OU , we dont have to correlate ?  Based on certain attribute in AD ? or we can give name of OU?

Like: OU=Ankit has 2 10 sub OUs , and out of that I dont want to have one of the OUs to be correlated as account 

 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Ankyt19

‎09/15/2022 07:44 AM - edited ‎09/15/2022 07:46 AM

You can exclude particular OU using advance_config_json. 

For Correlation - You can use advanced query (case when .. then) under endpoint & write your logic if DN contains OU=SubOU then wrong correlation  user.username=accounts.customproperty50.

 


Regards,
Rushikesh Vartak
0 Kudos

Ankyt19
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎09/15/2022 12:14 PM

Syntax to exclude OU using advance_config_json?

@rushikeshvartak 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Ankyt19

‎09/15/2022 12:37 PM

How many distinct OU u have


Regards,
Rushikesh Vartak
0 Kudos

Ankyt19
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎09/15/2022 08:24 PM

I want to exclude 2 OUs and also 2 OUs I want to include 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Ankyt19

‎09/15/2022 09:05 PM

Specifying all ou you want in filter


Regards,
Rushikesh Vartak
0 Kudos

Ankyt19
Regular Contributor
Regular Contributor

‎12/12/2022 01:02 AM

Hi @rushikeshvartak ,

If I want to exclude users while correlating account can we put certain attribute not equal to?

{
"AdvanceFilter": {
"OU=ankyt,DC=abc,DC=xyz,DC=com":
["(&(objectCategory=person)(objectClass=user){co!=India})"],
"OU=rushikesh,DC=abc,DC=xyz,DC=com":
["(&(objectCategory=person)(objectClass=user)(co!=India)"]
}


}

 

co!= India i have added is that right method ? or can we have any particluar syntax you might have tried ?

 

Thanks

Ankit

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Ankyt19

‎12/12/2022 04:13 AM

!co=India


Regards,
Rushikesh Vartak
0 Kudos
Copyright © 2023 Khoros, LLC