Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

Sync users from multiple OU's from Microsoft AD in Crowd

Duc Pham3
Duc Pham Dec 08, 2016

Hi Everyone,

I have a case when using Microsoft AD integrated in Crowd. Since i want to reduce the scope of users to sync to Crowd from AD so that i need to reconfigure my Base DN in directory connector in Crowd. Is there anyway to add multiple OUs in Base DN? for example:  OU=container1,DC=example,DC=local;OU=container2,DC=example,DC=local.

I did google all day but it led me nothing sad

thanks in advance!

Answer
Watch
Like 1 person likes this

2 answers

1 accepted

0 votes
Accepted answer
Barry St.John
Barry St.John Dec 09, 2016

You can't do that with the base DN, but you can use groups in your user filter and only pull in users who are members of specific groups.

Note that I don't use AD with Crowd so you'll need to modify the LDAP syntax a little.  This example collects users who are members of either MYGROUP1, OR MYGROUP2, OR MYGROUPX in the USERGROUPS container in the MYCOMPANY organization.

(&(objectclass=inetOrgPerson)(|(groupMembership=cn=MYGROUP1,ou=USERGROUPS,o=MYCOMPANY)(groupMembership=cn=MYGROUP2,ou=USERGROUPS,o=MYCOMPANY)(groupMembership=cn=MYGROUPX,ou=USERGROUPS,o=MYCOMPANY))))

I believe this is correct for AD:

(&(objectCategory=user)(memberOf=CN=mygroup,OU=mygroupcontainer,DC=mycompany,DC=com))

You can also use a similar filter for pulling in the actual group objects.

 

View More Comments
Duc Pham3
Duc Pham Dec 11, 2016

Hi Barry,

I'm very appreciate that! It's fixed my issued now smile

Thanks

Like
Reply
0 votes
Bruno Vincent
Bruno Vincent Community Champion Dec 09, 2016

Hi Duc Pham,

Nope, you can't have multiple User DNs in the configuration tab of your directory.

What you should do here is create one directory per OU. Then, still in Crowd, add all these directories to your applications. For each of your applications, check the "Aggregate group memberships across directories" option in the directories tab.

View More Comments
Duc Pham3
Duc Pham Dec 11, 2016

Hi Bruno,

Thanks for your suggestion, that's also a solution for me smile

Like
Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
Maggie Roney
Maggie Roney
Published Feb 27, 2018 in Crowd

The Crowd team is looking for feedback on Server & Data Center customers' identity strategies!

Do you own more than one Server or Data Center product? Do you have challenges provisioning users across your Atlassian products? Are you spending a lot of time integrating each Atlassian product wit...

1,556 views 6 14
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you