/build/static/layout/Breadcrumb_cap_w.png

LDAP Labels

Hello,

I am trying to get LDAP Labels to work. I configured the LDAP labels and the test goes just fine. However, when I force a check in on the PC, the PC in the Inventory tab does not get the correct label. If I do a search via LDAP browser, I can search and find the machine I am looking for. Not sure what I am doing wrong but I posted a couple screens of my settings. I am guessing that maybe the search filter is off?? I was able to config LDAP for user authentication...but having issues with the labels.







0 Comments   [ + ] Show comments

Answers (4)

Posted by: jkatkace 14 years ago
Purple Belt
0
The test shows that no matches were found for this machine; it failed and the label will not apply.

I note that you're using the same DN for both your search base and group membership. Is that DN an actual container in AD? Is that DN an actual path to a group object in AD? Does the machine in question actually have a memberOf property with that DN as its value?
Posted by: techbeck 14 years ago
Orange Senior Belt
0
No really savvy with LDAP.

Basically all I need/want to do is list all the PC objects in a specific AD OU and then have it automatically apply the LDAP label to those machines in KBOX.

As far as using the same DN, I am assuming you mean where it says Test Lab. This is actually an OU in AD with the PCs I am trying to list and assign the label.
Posted by: techbeck 14 years ago
Orange Senior Belt
0
I fixed it by using the following, shorter, filter.

name=a*
Posted by: gkhairallah 13 years ago
Purple Belt
0
I realize this is an older post, but I will put in my 2 cents anyway:
Your search filter should contain the full DN of the group to which the computer object belongs.
So, your search filter should look something like this:

(&(name=KBOX_COMPUTER_NAME)(memberOf=CN=Group Name,OU=Test Lab,OU=Information Technology,OU=Ops Center,DC=example,DC=com))

Also, make sure to replace "KBOX_COMPUTER_NAME" with an actual computer name, or a "*" while you're testing the LDAP Label.

If you're not sure about the full correct DN of an object, you can get it in multiple ways, the easiest which I'd suggest is using dsquery. i.e:
dsquery computer "OU=Test Lab,OU=Information Technology,OU=Ops Center,DC=Example,DC=Com"
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ