Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Sign up for free Log in
Atlassian Community Hero Image Collage

Sync users from multiple OU's from Microsoft AD in Crowd

Duc Pham3
Duc Pham Dec 08, 2016

Hi Everyone,

I have a case when using Microsoft AD integrated in Crowd. Since i want to reduce the scope of users to sync to Crowd from AD so that i need to reconfigure my Base DN in directory connector in Crowd. Is there anyway to add multiple OUs in Base DN? for example:  OU=container1,DC=example,DC=local;OU=container2,DC=example,DC=local.

I did google all day but it led me nothing sad

thanks in advance!

Answer
Watch
Like Lukasz Pater likes this

2 answers

1 accepted

0 votes
Answer accepted
Barry St.John
Barry St.John Dec 09, 2016

You can't do that with the base DN, but you can use groups in your user filter and only pull in users who are members of specific groups.

Note that I don't use AD with Crowd so you'll need to modify the LDAP syntax a little.  This example collects users who are members of either MYGROUP1, OR MYGROUP2, OR MYGROUPX in the USERGROUPS container in the MYCOMPANY organization.

(&(objectclass=inetOrgPerson)(|(groupMembership=cn=MYGROUP1,ou=USERGROUPS,o=MYCOMPANY)(groupMembership=cn=MYGROUP2,ou=USERGROUPS,o=MYCOMPANY)(groupMembership=cn=MYGROUPX,ou=USERGROUPS,o=MYCOMPANY))))

I believe this is correct for AD:

(&(objectCategory=user)(memberOf=CN=mygroup,OU=mygroupcontainer,DC=mycompany,DC=com))

You can also use a similar filter for pulling in the actual group objects.

 

View More Comments
Duc Pham3
Duc Pham Dec 11, 2016

Hi Barry,

I'm very appreciate that! It's fixed my issued now smile

Thanks

Like
Reply
0 votes
Bruno Vincent
Bruno Vincent Community Leader Dec 09, 2016

Hi Duc Pham,

Nope, you can't have multiple User DNs in the configuration tab of your directory.

What you should do here is create one directory per OU. Then, still in Crowd, add all these directories to your applications. For each of your applications, check the "Aggregate group memberships across directories" option in the directories tab.

View More Comments
Duc Pham3
Duc Pham Dec 11, 2016

Hi Bruno,

Thanks for your suggestion, that's also a solution for me smile

Like
Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
Kate Clavet
Kate Clavet
Published in Opsgenie

Two Chances to Improve your Incident Management Workflow

Hi there!  We all know that incidents can be messy, but they happen. Managing your response and planning ahead can make a *huge* difference in the duration and chaos of an incident. We have ...

70 views 0 1
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you