I have a working LDAP Filter on the IP Phone field in the AD User
However, I am having trouble creating a working LDAP filter on a custom group in AD. I have tried several
Does anyone have any advice ?
Solved! Go to Solution.
Got it working!!
This filter grabs all users within the group i specified below. A_VOIP-SoftPhone
Just FYI, if someone is reading this, I'm using DC=ad but some of you may use DC=com
an easy way of finding your path, go to your Active Directory Users and Groups, find your group, right click, properties, attribute editor, then find your distinguished name and that will be what you can use. You can then test this by adding a New "Saved Query" define the query, custom query, Advanced, then enter in your LDAP query and save. It should then show you the list of members in the group.
This is an example of a filter that we use to filter on membership in a group.
Thank you for the information. I am trying to apply this LDAP filter to Cisco Directory Connector and I keep getting an error during a dry sync. I cant seem to add a filter based on your above advice.
Unhandled exception has occurred in your application.
Index was out of range. Must be non-negative and less than the size of the collection
@Roger KallbergI appreciate your assistance. I upgraded to 3.7.1001.64569
Ironically, I run the working sync I still get the warning message I described above. However, it does match many of the objects when I click continue. So the dry synch works.
But when I perform a dry sync on the User LDAP Filter on my Security Group, it doesnt match anything. Many of the users added to the system are in this group, so there should be many matches.
Sorry about the typo, I got dumped out and retyped it queickly to post it here. But this is the sync that I ran
Thank you for being patient and helping me with this.
the XXXX.ad domain > Groups has a group name A_VOIP_SoftPhone which has the members I want to sync. Many of these members were manually added via CSV (including myself) so should show matches during the dry run sync. Just checked the Group members and they are all there.
I do get that the group is there and that the users are members of the group, but what I ask is do that OU also actually contain the user objects as such? If not you would need to alter the search base to a point that is higher up in the directory tree. This setting point to where the search will start, it would search for users from this point and downwards in the directory tree.