by Dan Matthews
17. April 2007 08:59
Massive frustration... only being able to point to an AD once with a single Import connection. (Try setting up a second and see what happens!) Can anyone think of a logical reason why this limitation should be there?
To work around it, either construct a clever LDAP query to change your search root or select specific AD nodes, or use a Security Group on the filter, like so:
(&(objectCategory=Person)(objectClass=User)(memberOf=CN=YOURGROUP,OU=YOUR_OU_IF_PRESENT,DC=SOMEDOMAIN,DC=CO,DC=UK))
The advantage of using a Security Group is excellent granularity. I use it to select whole groups of users, and then pick just a couple of extra ones as well (could be staff admins or something).
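The filter above can be generated rather than hand-typed, with the group DN escaped so a stray parenthesis, asterisk or backslash cannot change what the filter selects. This is an added example, not code from the original post, and it goes beyond the single-group case shown. Assumptions: the function names are hypothetical, extra users are matched by sAMAccountName, and the nested-group option relies on Active Directory's in-chain matching rule, which the post does not mention.

```python
# Added example: build the profile-import filter from group DNs and extra accounts.
# Function names are hypothetical; sample DNs and account names are constructed.

# Active Directory matching rule LDAP_MATCHING_RULE_IN_CHAIN. Plain memberOf only
# matches direct members; this rule also walks nested groups. Whether the import
# connection accepts it is an assumption to verify before relying on it.
IN_CHAIN = "1.2.840.113556.1.4.1941"

# RFC 4515 escapes for characters that are special inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_value(value):
    """Escape an assertion value so it cannot alter the filter structure."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_import_filter(group_dns, extra_accounts=(), nested=False):
    """Return a filter selecting users in any listed group, plus named extras."""
    if not group_dns and not extra_accounts:
        raise ValueError("need at least one group DN or account name")
    attr = f"memberOf:{IN_CHAIN}:" if nested else "memberOf"
    terms = [f"({attr}={escape_value(dn)})" for dn in group_dns]
    terms += [f"(sAMAccountName={escape_value(a)})" for a in extra_accounts]
    # A single term needs no OR wrapper, which reproduces the filter in the post.
    selector = terms[0] if len(terms) == 1 else "(|" + "".join(terms) + ")"
    return "(&(objectCategory=Person)(objectClass=User)" + selector + ")"


if __name__ == "__main__":
    group = "CN=YOURGROUP,OU=YOUR_OU_IF_PRESENT,DC=SOMEDOMAIN,DC=CO,DC=UK"
    print(build_import_filter([group]))
    print(build_import_filter([group], extra_accounts=["staffadmin1"]))
    # A DN containing an escaped comma: the backslash must become \5c in a filter.
    print(build_import_filter([r"CN=Staff\, Admins (UK),DC=SOMEDOMAIN,DC=CO,DC=UK"]))
```

Because the filter decides which accounts get imported, review the generated string against the group's actual membership before saving it on the connection.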