Advice with LDAP OU filter

jasonbrough
Kilo Expert

‎08-12-2016 02:07 AM

Hello, I need help with LDAP integration, which is actually more of a question regarding LDAP filters rather than ServiceNow itself.

There are a number of OU's in AD which contain the accounts which they want to drag across. All the OU's are called 'User Accounts (Personal)'. The diagram shows 3 such OU's (there are around 150 in total).

find_real_file.png

The OOB filter is as follows:

        (&(objectClass=person)(sn=*)(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

What I want to do is basically start at the root level (black above) and return only the user records that exist in the 'User Accounts (Personal)' OU's. I was thinking of adding the following condition to the OOB filter:

        (ou=User Accounts (Personal)

Has anyone done anything like this before?

Thanks..

Labels:
Preview file
15 KB
0 Helpfuls
  • 2,673 Views
6 REPLIES 6

alan_lowrance
Mega Guru
In response to sLuintel

‎11-01-2016 06:26 AM

How we are doing user imports is to add those groups of people to a "ServiceNow Users" group and have that as a default group that all new hires processed by HR go into.   That way we don't have to manage which OU's that ServiceNow should pull in, just add them to a ServiceNow group of some sort and have the LDAP sync look for that instead of parsing all the different OUs you might want


0 Helpfuls

Nitin_NOW
Tera Guru
In response to sLuintel

‎01-05-2018 01:40 PM

Hello Swetha



Did you ever get this resolved? Seems I have pretty much similar issue, I would like to remove a sub OU from the parent OU from the filter?



How did you achieve this ?



Regards!


0 Helpfuls