LDAP OU Definition Filter
‎11-07-2017 03:08 PM
I need to query a specific group in AD and return the members of that group. I have created an LDAP OU Definition with the following fields:
RDN: OU=Users
Query field: sAMAccountName
Filter: (&(memberOf=CN=mygroup,OU=UCAMS Managed Groups,OU=Groups,OU=Enterprise,DC=mydomain,DC=com)(objectClass=group))
The error I receive is "There is no entry returned. Check if Filter is set correctly.".
I created a workflow and used the Query AD and the filter that worked was:
"LDAP://ornl.gov/CN=mygroup,OU=UCAMS Managed Groups,OU=Groups,OU=Enterprise,DC=mydomain,DC=com"
I thought I could use the same in the OU Definition but it did not work. I can query through a workflow but would like to learn how to get the same results outside of a workflow.
Any help is appreciated!
Thanks.
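A filter of the shape quoted above selects entries that are members of the group and are themselves group objects, which user accounts never are. The following is an added example, not code from the thread or from ServiceNow: a minimal AND/equality filter evaluator run over constructed directory entries. The entry names, the `objectClass=user` variant and the search bases are assumptions made for illustration.

```python
import re

GROUP_DN = "CN=mygroup,OU=UCAMS Managed Groups,OU=Groups,OU=Enterprise,DC=mydomain,DC=com"
USER_OC = ["top", "person", "organizationalPerson", "user"]

# Constructed entries (not real data). memberOf holds full group DNs, as in AD.
ENTRIES = [
    {"dn": "CN=Alice,OU=Users,DC=mydomain,DC=com", "sAMAccountName": ["alice"],
     "objectClass": USER_OC, "memberOf": [GROUP_DN]},
    {"dn": "CN=Bob,OU=Users,DC=mydomain,DC=com", "sAMAccountName": ["bob"],
     "objectClass": USER_OC, "memberOf": []},
    {"dn": "CN=nested,OU=UCAMS Managed Groups,OU=Groups,OU=Enterprise,DC=mydomain,DC=com",
     "sAMAccountName": ["nested"], "objectClass": ["top", "group"], "memberOf": [GROUP_DN]},
    {"dn": GROUP_DN, "sAMAccountName": ["mygroup"],
     "objectClass": ["top", "group"], "memberOf": []},
]

# One equality leaf: (attr=value). DN values contain '=' and ',' but no parentheses.
LEAF = re.compile(r"\(([^()=&|!]+)=([^()]*)\)")

def parse_and_filter(text):
    """Parse '(attr=value)' or '(&(a=b)(c=d)...)' into (attr, value) pairs."""
    leaves = LEAF.findall(text)
    rebuilt = "".join(f"({a}={v})" for a, v in leaves)
    if not leaves or text not in (rebuilt, f"(&{rebuilt})"):
        raise ValueError(f"unsupported filter: {text}")
    return leaves

def matches(entry, leaves):
    """Every leaf must equal one whole value of the attribute (case-insensitive)."""
    for attr, value in leaves:
        values = next((v for k, v in entry.items() if k.lower() == attr.lower()), [])
        if isinstance(values, str):
            values = [values]
        # Equality on memberOf compares the complete DN, not a leading RDN.
        if value.lower() not in (v.lower() for v in values):
            return False
    return True

def search(base, ldap_filter):
    """Subtree search: sAMAccountName of entries under base that match the filter."""
    leaves = parse_and_filter(ldap_filter)
    return sorted(e["sAMAccountName"][0] for e in ENTRIES
                  if e["dn"].lower().endswith(base.lower()) and matches(e, leaves))

if __name__ == "__main__":
    users_ou = "OU=Users,DC=mydomain,DC=com"
    print(search(users_ou, f"(&(memberOf={GROUP_DN})(objectClass=group))"))
    print(search(users_ou, f"(&(memberOf={GROUP_DN})(objectClass=user))"))
```

Under the users OU the first search returns nothing and the second returns the one constructed member; widening the base to the domain root makes the first filter return only the nested group.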
‎11-07-2017 06:29 PM
Patrick,
I thought they were under that OU but I will get with our AD expert and double check. Thank you for your suggestions. I will check tomorrow and see if that is the issue.
I will respond back tomorrow and provide an update.
Thanks!
Angie

‎11-08-2017 07:14 AM
I would set your RDN: OU=UCAMS Managed Groups,OU=Groups
and the filter to: (&(memberOf=CN=mygroup))
‎11-08-2017 08:11 AM
So, it looks like both suggestions should have worked, but the LDAP server here at my work is set to only pull groups with a specific criteria and my groups will never meet that criteria. Therefore, I will not be able to use LDAP and was told to query AD directly and bypass LDAP. This was a great learning opportunity and I appreciate both of your suggestions. Now, I'm on to learning how to query AD directly. You might see another post come through . . . ha ha.
Thanks again!!
‎06-18-2019 04:23 PM
I know it's an old thread, but I'm just checking whether anyone has come across a scenario like querying a group from AD that is in a different domain and adding it to an existing LDAP server.
Thank You!
‎07-09-2019 09:03 AM
We have what I think is a similar issue. Our AD query appears to work but stops near the bottom of the alphabet. Even when we modify the query to return only the 1 valid AD record, the ServiceNow Jakarta query won't return the valid AD record.
For example, assume many users AAA, AAB, ... UAA, ... WXY, WXZ. Our AD query will return any of the first records but a query for samaccountname=WXZ (please ignore the query syntax) returns 0 records.