LDAP Labels
Hello,
I am trying to get LDAP Labels to work. I configured the LDAP labels and the test goes just fine. However, when I force a check in on the PC, the PC in the Inventory tab does not get the correct label. If I do a search via LDAP browser, I can search and find the machine I am looking for. Not sure what I am doing wrong but I posted a couple screens of my settings. I am guessing that maybe the search filter is off?? I was able to config LDAP for user authentication...but having issues with the labels.
I am trying to get LDAP Labels to work. I configured the LDAP labels and the test goes just fine. However, when I force a check in on the PC, the PC in the Inventory tab does not get the correct label. If I do a search via LDAP browser, I can search and find the machine I am looking for. Not sure what I am doing wrong but I posted a couple screens of my settings. I am guessing that maybe the search filter is off?? I was able to config LDAP for user authentication...but having issues with the labels.
0 Comments
[ + ] Show comments
Answers (4)
Please log in to answer
Posted by:
jkatkace
14 years ago
The test shows that no matches were found for this machine; it failed and the label will not apply.
I note that you're using the same DN for both your search base and group membership. Is that DN an actual container in AD? Is that DN an actual path to a group object in AD? Does the machine in question actually have a memberOf property with that DN as its value?
I note that you're using the same DN for both your search base and group membership. Is that DN an actual container in AD? Is that DN an actual path to a group object in AD? Does the machine in question actually have a memberOf property with that DN as its value?
Posted by:
techbeck
14 years ago
No really savvy with LDAP.
Basically all I need/want to do is list all the PC objects in a specific AD OU and then have it automatically apply the LDAP label to those machines in KBOX.
As far as using the same DN, I am assuming you mean where it says Test Lab. This is actually an OU in AD with the PCs I am trying to list and assign the label.
Basically all I need/want to do is list all the PC objects in a specific AD OU and then have it automatically apply the LDAP label to those machines in KBOX.
As far as using the same DN, I am assuming you mean where it says Test Lab. This is actually an OU in AD with the PCs I am trying to list and assign the label.
Posted by:
gkhairallah
13 years ago
I realize this is an older post, but I will put in my 2 cents anyway:
Your search filter should contain the full DN of the group to which the computer object belongs.
So, your search filter should look something like this:
(&(name=KBOX_COMPUTER_NAME)(memberOf=CN=Group Name,OU=Test Lab,OU=Information Technology,OU=Ops Center,DC=example,DC=com))
Also, make sure to replace "KBOX_COMPUTER_NAME" with an actual computer name, or a "*" while you're testing the LDAP Label.
If you're not sure about the full correct DN of an object, you can get it in multiple ways, the easiest which I'd suggest is using dsquery. i.e:
dsquery computer "OU=Test Lab,OU=Information Technology,OU=Ops Center,DC=Example,DC=Com"
Your search filter should contain the full DN of the group to which the computer object belongs.
So, your search filter should look something like this:
(&(name=KBOX_COMPUTER_NAME)(memberOf=CN=Group Name,OU=Test Lab,OU=Information Technology,OU=Ops Center,DC=example,DC=com))
Also, make sure to replace "KBOX_COMPUTER_NAME" with an actual computer name, or a "*" while you're testing the LDAP Label.
If you're not sure about the full correct DN of an object, you can get it in multiple ways, the easiest which I'd suggest is using dsquery. i.e:
dsquery computer "OU=Test Lab,OU=Information Technology,OU=Ops Center,DC=Example,DC=Com"
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.