On 05.05.2009 09:46, Cl?ment OUDOT wrote: >> Hi Cl?ment :) >> > Hi Jon! > > Thanks for the quick reply. >
No problem :) >> Did you try using extensible filters? Like for example: >> (&(objectclass=user)(!(ou:dn:=archives))) >> >> This is defined in the LDAP search filters RFC, and I think AD >> implements it. >> > > Oh, great idea! But my tests on AD are not successful... I found that: > http://msdn.microsoft.com/en-us/library/cc223367(PROT.10).aspx > > It is written that AD only support 3 extensible match filters, and not the > "dn:" trick. So I'm sad :( > Hmmm. I tried it, and it seems to understand the filter, but only matches the "ou" entry, not it's subentries... :( >>> What do you think of be able to put several values for >>> lsc.tasks.inetOrgPerson.dstService.baseDn? LSC would do a search for >>> each >>> value, so we can manage several branches. >>> >>> >> That's an interesting idea! Thanks for it. >> >> I considered the same problem a while ago, with a list of ~50 DNs. At >> the time, I made a special source JNDI service that read an external CSV >> file containing the DNs. But I think your solution is neater. >> >> > I'm happy that you like the idea. Do you think it is difficult to implement? > No, it shouldn't be too hard. Would you create a feature request on Redmine? Jon -- -------------------------------------------------------------- Jonathan Clarke - jonathan at phillipoux.net -------------------------------------------------------------- Ldap Synchronization Connector (LSC) - http://lsc-project.org --------------------------------------------------------------
