Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Sync users from multiple OU's from Microsoft AD in Crowd

Duc Pham3
Duc Pham December 8, 2016

Hi Everyone,

I have a case when using Microsoft AD integrated in Crowd. Since i want to reduce the scope of users to sync to Crowd from AD so that i need to reconfigure my Base DN in directory connector in Crowd. Is there anyway to add multiple OUs in Base DN? for example:  OU=container1,DC=example,DC=local;OU=container2,DC=example,DC=local.

I did google all day but it led me nothing sad

thanks in advance!

Answer
Watch
Like lpater likes this
2849 views

2 answers

1 accepted

0 votes
Answer accepted
Barry St.John
Barry St.John December 9, 2016

You can't do that with the base DN, but you can use groups in your user filter and only pull in users who are members of specific groups.

Note that I don't use AD with Crowd so you'll need to modify the LDAP syntax a little.  This example collects users who are members of either MYGROUP1, OR MYGROUP2, OR MYGROUPX in the USERGROUPS container in the MYCOMPANY organization.

(&(objectclass=inetOrgPerson)(|(groupMembership=cn=MYGROUP1,ou=USERGROUPS,o=MYCOMPANY)(groupMembership=cn=MYGROUP2,ou=USERGROUPS,o=MYCOMPANY)(groupMembership=cn=MYGROUPX,ou=USERGROUPS,o=MYCOMPANY))))

I believe this is correct for AD:

(&(objectCategory=user)(memberOf=CN=mygroup,OU=mygroupcontainer,DC=mycompany,DC=com))

You can also use a similar filter for pulling in the actual group objects.

 

View More Comments
Duc Pham3
Duc Pham December 11, 2016

Hi Barry,

I'm very appreciate that! It's fixed my issued now smile

Thanks

Like
Reply
0 votes
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 9, 2016

Hi Duc Pham,

Nope, you can't have multiple User DNs in the configuration tab of your directory.

What you should do here is create one directory per OU. Then, still in Crowd, add all these directories to your applications. For each of your applications, check the "Aggregate group memberships across directories" option in the directories tab.

View More Comments
Duc Pham3
Duc Pham December 11, 2016

Hi Bruno,

Thanks for your suggestion, that's also a solution for me smile

Like
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events