I’m trying to set up ldapimport to create users and groups from AD.
I only want to import some groups. This works as expected.
I only want to import the users that are members of the above groups, not all the users in the OU. I understand I can use Set($LDAPImportGroupMembers, 1); to accomplish this, but I am unsure of what user ldapfilter I am supposed to use to stop all users being imported.
TIA
my code:
Set($LDAPHost,‘xx’);
Set($LDAPOptions, [ port => 636,
scheme => ‘ldaps’,
raw => qr/(;binary)/,
version => 3,
verify => ‘required’,
cafile => ‘xx’ ]);
Set($LDAPUser,‘xx’);
Set($LDAPPassword,‘xx’);
Set($LDAPBase, ‘CN=xx’);
Set($LDAPFilter, ‘(&(objectClass=user))’);
Set($LDAPMapping, {Name => ‘uid’, # required
EmailAddress => ‘mail’,
RealName => ‘cn’,
WorkPhone => ‘telephoneNumber’,
Organization => ‘departmentName’});
Set($LDAPGroupBase, ‘xx’);
Set($LDAPGroupFilter, ‘(|(CN=group1)(CN=group2))’);
Set($LDAPGroupMapping, {Name => ‘cn’,
Member_Attr => ‘member’,
Member_Attr_Value => ‘dn’ });
Set($LDAPImportGroupMembers, 1);
When i run rt-ldapimport --verbose with the above code it correctly imports just the two groups, but still tries to import all users.