On 12/01/2018 09:30, Thorn, Colin wrote:
Hello,
I have a question regarding the sync of OUs.
Currently I have a OU I sync called External. In this OU some Users were, which
I did not want to sync, so I moved them into a OU called Partner one level
lower.
The structure looks somewhat like this.
Server
Users
Employees
External
Partner
When syncing the OU External it sync all Users from External and Partner. Users
of both OUs are put on the destination Server into the OU External.
Is there a possibility to stop this from happening. I only want the Users in
External to be synced.
Moving the OU Partner onto the same level as External is unfortunately not an
option.
Extract of my lsc.xml:
<ldapDestinationService>
<name>OpenLDAP-dst</name>
<connection reference="projectLDAP" />
<baseDn>ou=External,ou=Employees,ou=Users,dc=ldap,dc=local</baseDn>
Kind Regards,
Colin Thorn
Hi,
Depending on the kind of ldap source directory you are using, you could try to
exclude this lower OU in your LSC getAllFilter attribute using wildcard
expression. See
https://stackoverflow.com/questions/1101144/ldap-using-a-filter-to-avoid-a-sub-ou-in-active-directory.
If your ldap source directory is an AD, it will be more tricky. This response from above
thread (https://stackoverflow.com/a/7050535) suggest adding an attribute "ou"
within each user entry in your AD so you can use them in your filter to exclude people
from ou=partner or restrict to ou=external, I think it should work if you can get your AD
to populate this attribute.
--
Soisik
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
