Filter LDAP exclude specific OU

Gaetano De Mitr · ‎02-02-2018

Hi to all,

I need to get all users from LDAP node, but I have to exclude some OU.

This is my current structure of AD:

root

-- OU=Group1

-- OU=Group2

-- OU=Group3

-- OU=Support

----CN=User1

----CN=User2

...

----OU=Operators

-----OU=TEST (I have to exclude this OU)

Thanks,

Sebastiaan de V · ‎02-02-2018

What I usually do with LDAP is to try to connect directly to the LDAP with some LDAP explorer (there are multiple out there), to try and test my filters.

Gaetano De Mitr · ‎02-02-2018

This filter working on LDAP explorer:

(&(objectClass=organizationalUnit)(!(ou:dn:=TEST)))

but on ServiceNow I see OU=TEST,

Why not working "browse" on ServiceNow?

Sebastiaan de V · ‎02-02-2018

I'm not sure the filter is respected when browsing from ServiceNow. You're OU filter looks a bit strange to me (ou:dn:=test) instead of just (ou=test), but I'm not an AD expert.

Otherwise I'm afraid I cannot help you.