Le 19/05/2020 à 10:14, Lior Dotan a écrit :
> On Tue, May 19, 2020 at 11:03 AM Clément OUDOT
> <clement.ou...@worteks.com> wrote:
>>
>> Le 18/05/2020 à 18:04, Lior Dotan a écrit :
>>> Hi,
>>>
>>> My original setting had the users base DN set as:
>>> OU=test,DC=example,DC=com
>>>
>>> But since it returned too many users I changed it to:
>>> OU=ActiveUsers,OU=test,DC=example,DC=com
>>>
>>> However, all the users from other OUs are still present.
>>> This happens because my getOneFilter looks like this:
>>> &(mail={mail})(objectClass=user))
>>>
>>> And this filter finds any user.
>>> Since I cant use distinguishedName with wildcards, how can i refine
>>> the filter to only return users that are under the users base DN?
>>
>> This should be the case, LSC will only search entries below the baseDn.
> This is not what I'm seeing. LSC uses the getOneFilter which only
> filters by mail
> and if the mail exists in AD it doesnt delete the user regardless of
> the user full DN.See https://lsc-project.org/documentation/latest/basics#clean_phase LSC uses cleanFilter on source to match the user. -- Clément Oudot | Identity Solutions Manager clement.ou...@worteks.com Worteks | https://www.worteks.com _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list lsc-users@lists.lsc-project.org https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
