Hi,
is it possible to set the User Object Filter to an OU and not to an ad-group?
At the moment it is set to:
User Object Filter:
(&(objectCategory=Person)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=cn=Jira_Test,OU=RG_Jira,OU=Groups,DC=net,DC=local))
We would like to set is to something like that (cn=Jira_Test, is removed).
User Object Filter:
(&(objectCategory=Person)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=OU=RG_Jira,OU=Groups,DC=net,DC=local))
Thank you + BR
Hi Gonchik,
well good question, if we set the User Object Filter to CN ( a AD-group) all other AD-Groups must be member of the main AD-group. You always have to keep this in mind, when you add a new AD-group.
CN=Jira-All,OU=RG_Jira,OU=Groups,DC=net,DC=local
Jira-All
Jira-Write (member of Jira-All)
Jira-Read (member of Jira-All)
In my opinion this is unnecessary when we read all ad-groups and the containing users of one OU.
OU=RG_Jira,OU=Groups,DC=net,DC=local
Jira-Write
Jira-Read
So you don't have to add the ad-group to the main-ad-group.
BR
Stefan
Hi Stefan,
Could you describe your use case?
If you want to set filter on OU level, better way use on basedn.
https://confluence.atlassian.com/kb/how-to-write-ldap-search-filters-792496933.html
BR,
Gonchik Tsymzhitov
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.