Creating LDAP labes based on Organizational Unit
I want to create an ldap label based on users in one OU. Now to do this I tried to define the Base DN as the OU. When I tested this within the LDAP label creator itself, it does actually says how many entries are in this OU, but when I enable this label, it puts every pc under this label.
The search filter I use is: (samaccountname=KBOX_USER)
Can some one point out if this search filter is wrong, or which I should use, or if this is just impossible?!
Thanks!
The search filter I use is: (samaccountname=KBOX_USER)
Can some one point out if this search filter is wrong, or which I should use, or if this is just impossible?!
Thanks!
1 Comment
[ + ] Show comment
-
Are you trying to move users or computers into the OU? You say users at first but then say computers at the end. - scarpent 10 years ago
Answers (2)
Answer Summary:
I tried to use this filter, though i didn't seem to be working. But it gave me an idea to change the Base DN, so it would search in that OU, and than use the filter (samaccountname=KBOX_USERNAME) this seems to be working fine, thanks! - See more at: http://www.itninja.com/question/creating-ldap-labes-based-on-organizational-unit#sthash.Xe1G4NAP.dpuf
I tried to use this filter, though i didn't seem to be working. But it gave me an idea to change the Base DN, so it would search in that OU, and than use the filter (samaccountname=KBOX_USERNAME) this seems to be working fine, thanks! - See more at: http://www.itninja.com/question/creating-ldap-labes-based-on-organizational-unit#sthash.Xe1G4NAP.dpuf
Please log in to answer
Posted by:
BHC-Austin
10 years ago
The answer will be heavily determined by exactly what you are trying to do.
If you are trying to just create an LDAP User Label for users that are logging into the K1200 (via User or Admin console) then you are most likely doing it right, but LDAP User Labels are broken in 6.0
If you are trying to create a Device LDAP Label for devices that those users are logged into, then you'll need to use the KBOX_USERNAME variable instead.
That said, in either case, it might be better to set the Base DN to the uppermost and then use a filter like this:
(distinguishedName=CN=KBOX_USERNAME,OU=My User OU,DC=MyDomain,DC=com)
That is taken directly from an LDAP Device label that we use (sanitized, of course)
Comments:
-
I'm trying to create device LDAP labels based on users in one OU. The LDAP labels uses the loged in user to compair this with the user in this OU.
I tried to use this filter, though i didn't seem to be working. But it gave me an idea to change the Base DN, so it would search in that OU, and than use the filter (samaccountname=KBOX_USERNAME) this seems to be working fine, thanks! - peter1891 10 years ago
Posted by:
nshah
10 years ago