Le 19/05/2020 à 10:14, Lior Dotan a écrit : > On Tue, May 19, 2020 at 11:03 AM Clément OUDOT > <clement.ou...@worteks.com> wrote: >> >> Le 18/05/2020 à 18:04, Lior Dotan a écrit : >>> Hi, >>> >>> My original setting had the users base DN set as: >>> OU=test,DC=example,DC=com >>> >>> But since it returned too many users I changed it to: >>> OU=ActiveUsers,OU=test,DC=example,DC=com >>> >>> However, all the users from other OUs are still present. >>> This happens because my getOneFilter looks like this: >>> &(mail={mail})(objectClass=user)) >>> >>> And this filter finds any user. >>> Since I cant use distinguishedName with wildcards, how can i refine >>> the filter to only return users that are under the users base DN? >> >> This should be the case, LSC will only search entries below the baseDn. > This is not what I'm seeing. LSC uses the getOneFilter which only > filters by mail > and if the mail exists in AD it doesnt delete the user regardless of > the user full DN.
See https://lsc-project.org/documentation/latest/basics#clean_phase LSC uses cleanFilter on source to match the user. -- Clément Oudot | Identity Solutions Manager clement.ou...@worteks.com Worteks | https://www.worteks.com _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list lsc-users@lists.lsc-project.org https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users