On Tue, May 19, 2020 at 11:03 AM Clément OUDOT <[email protected]> wrote: > > > Le 18/05/2020 à 18:04, Lior Dotan a écrit : > > Hi, > > > > My original setting had the users base DN set as: > > OU=test,DC=example,DC=com > > > > But since it returned too many users I changed it to: > > OU=ActiveUsers,OU=test,DC=example,DC=com > > > > However, all the users from other OUs are still present. > > This happens because my getOneFilter looks like this: > > &(mail={mail})(objectClass=user)) > > > > And this filter finds any user. > > Since I cant use distinguishedName with wildcards, how can i refine > > the filter to only return users that are under the users base DN? > > > This should be the case, LSC will only search entries below the baseDn.
This is not what I'm seeing. LSC uses the getOneFilter which only filters by mail and if the mail exists in AD it doesnt delete the user regardless of the user full DN. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
