On Thu, 2 Dec 2004, Oliver Hookins wrote:
This obviously just looks in the Users container for groups and users and any subtrees. I tried shortening the Base DN for both users and groups to just dc=domain,dc=local but it doesn't appear to work, I suspect because of the filters or something. How can I specify a base DN and filter when the users may be in one of any number of OUs? (even OUs nested within others)
By speficying a base DN above all your OUs, i.e. the least common denominator DN, usually the top of your tree.
The only requirement from the Squid LDAP tools is that the information is kept within a single tree.
Regards Henrik
So far in my test case I only have the base structure of DC=domain,DC=local and the rest something like this:
local (DC) --- domain (DC) -- Builtin (CN)
|- Computers (CN)
|- Domain Controllers (CN)
|- ForeignSecurityPrincipals (CN)
|- TestOU (OU)
|- Users (CN)So if I have my users in Users, and specify the base dn as CN=Users,DC=domain,DC=local it works. But if I have some users in Users and some users in TestOU and specify my base dn as DC=domain,DC=local it doesn't work. In fact I think it may have been coming back with an LDAP Operations error in those cases.
Regards, Oliver
