LDAP-Setup, Specify multiple OU's in "Additional User DN"

Hello,

I have setup an user directory to synchronize with our Active Directory like this:

Base DN: dc=domain,dc=name

Additional User DN: ou=Employees

Additional Group DN: ou=Groups,ou=are,ou=here

Furthermore I have used "User Object Filter" and "User Object Filter" to only add users and groups that are member of a certain group in AD.

 

Now we also want to include some users found under ou=consultants,dc=domain,dc=name, but because our AD has a huge number of users with thousands of users (mostly school pupils) we don't want to just remove ou=Employees from "Additional User DN" and sync the entire tree. Can you use LDAP filter-syntax in "Additional User DN" or do you have any other way to specify more than one path?

If not, are there any other good ways of accomplishing what we want without modifying our ad structure or syncing the entire tree?

2 answers

Hello Trond,

You could also add multiple user directories pointing to different parts of your Active Directory.

 

Lars. Kantega Single Sign-on

good point! didn't think of that

No problem!

That`s why we have the community, right? :)

-Lars

Hello Lars Olav Velle,

If I understood your suggestion correctly, we need to add multiple user directories on Jira to get different sets of users from multiple OU paths of AD, for example, one User-Directory for "OU=EMPLOYEES,OU=Location_1,OU=Domain,OU=Local" and a second User-Directory for "OU=EMPLOYEES,OU=Location_2,OU=Domain,OU=Local". Please confirm.

 

Is it possible to specify all required AD-OU-paths in a single User-Directory? If so, please help me with the syntax for specifying multiple AD paths, either in the LDAPFilter or in the Additional User DN settings.

Thanks.

Regards,

Shyam

The root cause of syncing the entire tree was actually something completely different. Turning off "follow referals" under advanced settings solved the underlying problem

Yes, that should never have been the default setting!

-Lars

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Thursday in Jira

Meet the AUG leaders of Northern Virginia

@Rachel Wright (Jira Genie), @Billy Poggi (AUG NOVA, DC), and @Dana Jansen (Confluence Queen) are just some of the folks that lead one of the world's most active Atlassian User Group (AUG)....

131 views 5 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you