How to configure base DN when having many OUs

Ghazi Ben Jalel October 15, 2015

I have 5 Organizational Units from which I need to download users and groups:

OU1,OU2,OU3,OU4,OU5

To download users from these 5 OUs, I created 5 connections as below:

OU=OU1,DC=intern,DC=company,DC=com

OU=OU2,DC=intern,DC=company,DC=com

OU=OU3,DC=intern,DC=company,DC=com

OU=OU4,DC=intern,DC=company,DC=com

OU=OU5,DC=intern,DC=company,DC=com

Users were downloaded successfully

Now I need to download related groups (group1, group2 and group3).

The issue here is that groups cannot have many OUs so they will have OU=OU1 or OU=OU2 or OU=OU3 or OU=OU4 or OU=OU5 to have users from the 5 OUs assigned to the 3 groups.

In this case, only users belonging to the configured OU within the group will be assigned to the downloaded group (group1, group2, or group3).

If they have only one OU as the RDN is unique in LDAP, they will not be able to download users from the 5 OUs

Is there a solution to get all users assigned to the 3 groups downloaded and assigned to the users logged from the 5 OUs?


Thanks,



2 answers

0 votes
Ghazi Ben Jalel October 19, 2015

Hi Daniel,

Thanks for your quick reply.

I tried with Base DN equal to only DC values but it didn't work (not able to log in with LDAP).

So the base DN should necessarily contain OU values, as if I put a filter without OU, I can never log in.

0 votes
Daniel Santos
Atlassian Team
October 15, 2015

Hi Ghazi,

Let's suppose these are your LDAP locations to the users:
OU=OU1,DC=intern,DC=company,DC=com
OU=OU2,DC=intern,DC=company,DC=com

And these are the LDAP locations to your groups:
DC=groups,DC=company,DC=com

Your LDAP Base DN should be the common part of all locations, complemented with the specific location for users and groups:

Base DN: DC=company,DC=com
Additional User DN: DC=intern
Additional Group DN: DC=groups

If you want to filter specific users depending on their groups you can create a filter (User Object Filter) for that.
More information about filters can be found at: https://confluence.atlassian.com/display/DEV/How+to+write+LDAP+search+filters

Another useful link: https://confluence.atlassian.com/doc/connecting-to-an-internal-directory-with-ldap-authentication-229838462.html
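Added example, not part of the original thread or Atlassian's code: the Base DN / Additional User DN / Additional Group DN split described in the answer above, derived from the container DNs, plus a User Object Filter limited to the three groups. The `CN=` group DNs, `objectClass=user` and the `memberOf` attribute (Active Directory style) are assumptions.

```python
def split_dn(dn):
    """Split a DN into RDNs, keeping backslash-escaped commas inside an RDN."""
    rdns, cur, esc = [], "", False
    for ch in dn:
        if esc or ch == "\\":
            cur += ch
            esc = not esc and ch == "\\"
        elif ch == ",":
            rdns.append(cur.strip())
            cur = ""
        else:
            cur += ch
    rdns.append(cur.strip())
    return rdns

def common_suffix(rdn_lists):
    """Longest run of trailing RDNs shared by every list (case-insensitive)."""
    shared = []
    for level in zip(*(r[::-1] for r in rdn_lists)):
        if len({rdn.casefold() for rdn in level}) != 1:
            break
        shared.append(level[0])
    return shared[::-1]

def plan(user_locations, group_locations):
    """Derive Base DN plus the Additional User/Group DN from container DNs."""
    users = common_suffix([split_dn(d) for d in user_locations])
    groups = common_suffix([split_dn(d) for d in group_locations])
    base = common_suffix([users, groups])
    return {
        "Base DN": ",".join(base),
        "Additional User DN": ",".join(users[:len(users) - len(base)]),
        "Additional Group DN": ",".join(groups[:len(groups) - len(base)]),
    }

def escape_filter_value(value):
    """Escape RFC 4515 special characters so a value cannot alter the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def user_object_filter(group_dns):
    """Users in at least one given group; memberOf is an assumed AD attribute."""
    clauses = "".join("(memberOf=%s)" % escape_filter_value(g) for g in group_dns)
    return "(&(objectClass=user)(|%s))" % clauses

USER_OUS = ["OU=OU%d,DC=intern,DC=company,DC=com" % i for i in range(1, 6)]
GROUP_LOCATIONS = ["DC=groups,DC=company,DC=com"]
# Constructed group DNs: the CN= naming is an assumption, not from the thread.
GROUP_DNS = ["CN=group%d,DC=groups,DC=company,DC=com" % i for i in range(1, 4)]

print(plan(USER_OUS, GROUP_LOCATIONS), user_object_filter(GROUP_DNS), sep="\n")
```

In Active Directory, `memberOf` lists direct memberships only, so members of nested groups are not matched by this filter.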
