Is there a way to import/authenticate LDAP users from multiple OU’s?
1 Like
Set $LDAPBase to the root of your directory (eg. ‘DC=ad,DC=mydomain,DC=com’). Then use $LDAPFilter to filter just the accounts you want - either all users, or members of a group, or whatever.
Is there a filter to exclude an OU?
It seems that it depends on your LDAP source. Active Directory doesn’t support it.
You might be able to use filter to achieve this. Have look at: ldap - How to use a filter to avoid a sub OU in Active Directory? - Stack Overflow Where an example for RT would be:
filter => (&(objectClass=posixAccount)(!(ou=Evil)))
Disclaimer: I have not tested this!
We ended up using strictor filters, but thank you for the help.
1 Like