Shamma Negi
Kilo Sage

Hi All,

 

I have found this helpful article wherein we have to exclude an OU:

 

Exclude particular LDAP users

If you cannot completely filter the LDAP user list using LDAP filter properties, you can exclude users with a map script.

After you have run the logic to identify a user that should not be imported, set the user_name field to an empty string and this user will not be imported.

user_name='';
 

One way to identify users to filter out is to look for a string in the distinguishedName attribute. For example, this script excludes accounts that are not in a Users OU. You might use this script if you have too many Users OUs to include in the target OU LDAP Option.

//vdn is a variable mapped to distinguishedName
gs.include("LDAPUtils");
var vdn = source.getElement(this.distinguishedName);
if (vdn.indexOf('OU=Users')<0) {
  user_name='';
  gs.log('LDAP Import Skipping User: ' + vdn);
}
 

A more complex method of filtering is to use regular expressions.

//vcn is a variable mapped to cn
//vdn is a variable mapped to distinguishedName
//c is the regular expression string
gs.include("LDAPUtils");
var vdn = source.getElement(this.distinguishedName);
var vcn = source.getElement(this.cn);
var c = /^[a-z][a-z][a-z][0-9][0-9][0-9]$/;
var nvcn = vcn.toLowerCase();
//test to see if the cn is in the form of 3 letters followed by 3 numbers, only import these
if (c.test(nvcn)) {
	user_name = nvcn;
} else {
	gs.log("LDAP import rejected username: " + vcn + " for DN: " + vdn);
	user_name = "";
}

 

LDAP scripting (servicenow.com)

 

Hope this helps.

I hope this article is helpful. Please mark it as helpful and bookmark if you like it.

 

Regards,

Shamma