LDAP Browse not seeing the nodes

Luiz Lucena
Mega Sage

‎10-04-2018 01:30 PM

Hi everyone, 

Some background information first.

a. We have an LDAP integration with some OU definitions working.

b. We are importing Users from AD into the Sys_Users table, that is working as expected.

c. Within our Users OU in AD, there is another OU called Privileged Users, which is also being imported through the LDAP OU Definition described in item (b).

d. We have another sub-OU called Delegated Access which contain groups that are not mapped yet with transform maps.

 

The issue we are facing:

When using the feature LDAP Browse to "see" the OU=Privileged Users or OU=Delegated Access we cannot see anything.

See example:

find_real_file.png

 

find_real_file.png

 

The question is:

This browse feature search directly on AD or should we first create an LDAP OU Definition with proper Transform Maps in order to import the data and browse after that?

 

Preview file
18 KB
Preview file
19 KB
0 Helpfuls
  • 1,672 Views
6 REPLIES 6

Mark Stanger
Giga Sage

‎10-04-2018 01:39 PM

You should be able to browse the entire LDAP structure.  If it's not working it's probably because you don't have the appropriate read permissions in LDAP to see those nodes.

Luiz Lucena
Mega Sage
In response to Mark Stanger

‎10-04-2018 01:54 PM

Thanks, Mark, for the quick response.

I'm suspecting that also. 

Without any filter I'm able to see other OU's.

So looks like it's on Active Directory, GPO or something.

Thank you again!

Luiz Lucena
Mega Sage
In response to Mark Stanger

‎10-05-2018 07:04 AM

Hi Mark,

 

I'm removing the mark as correct answer because we believe there is something else.

I'm suspecting the reason is the & in the OU name.

Example:

OU=Users & Groups

OU=Computers & Printers

 

Are the only two OU we cannot see the values using LDAP browse.

Would you know how to make ServiceNow reads that without having to change AD?

 

Thanks in advance!

 

ps.: Congrats for the servicenowguru.com I'm a big fan of it!

0 Helpfuls

Mark Stanger
Giga Sage
In response to Luiz Lucena

‎10-05-2018 07:10 AM

Thank you!  I don't know of a way to change how ServiceNow reads those names.  I think it would be worth testing your theory though.  Just create a new group with an ampersand to test with to make sure.  It could be the issue, but I've never heard of it in all my time working with ServiceNow.