Question: LDAP user synchronization with multiple OU in root path.

SOLVED

Hi,

For Sage X3 v12p34.

AD setup as follows:

```
Root (internal.falsesage.com)
- Microsoft OU (multiple).
-- Guest
-- Administrator
- OU-SageAsia (OU)
-- OU-A-TC (OU)
--- U-OU-A-TC-J (User)
- OU-SageUS
-- OU-US-TC (OU)
--- U-OU-US-TC-M (User)
- OU-Test
-- G-OU-TEST-TC (group)
-- U-OU-TEST-chunheng (User)
```

If I run it as so:

I get this error:

Question: How do I tell the Sage X3 LDAP AD searcher to skip the Microsoft default users and AD path? They are not linked to any Sage X3 groups at this moment.

  • +1
    verified answer

    Hi Chudleigh,

    In AD, make a new group for X3 users and add all the users to that group. Then in X3, sync on the base group and add the X3 group as a filter.

  • 0 in reply to Carl Herrmann

    ```
    Root (internal.falsesage.com)
    - Microsoft OU (multiple).
    -- Guest
    -- Administrator
    - sagex3 (OU)
    -- SageX3Users (Group) <---- Added all the users to be added to Sage X3 here.
    - OU-SageAsia (OU)
    -- OU-A-TC (OU)
    --- U-OU-A-TC-J (User)
    - OU-SageUS
    -- OU-US-TC (OU)
    --- U-OU-US-TC-M (User)
    - OU-Test
    -- G-OU-TEST-TC (Group)
    -- U-OU-TEST-chunheng (User)
    ```

    Using this as reference: https://serverfault.com/a/686973

    Search base needs to be set as the root location due to the AD setup (if set to a lower level and the group was on a separate OU from root, LDAP cannot see that it exists):

    For sync search filter:

    If `Users belonging to known groups` was enabled, it will add the whole `Administration > Groups` with LDAP sync path into the search filter, which I do not want since it is extremely verbose.
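The group-as-filter approach from the thread, as an added example that is not the poster's actual X3 setting or Sage code: it builds a `memberOf` filter with RFC 4515 escaping and simulates a subtree search over constructed entries modelled on the tree above. The DNs (the `DC=` components, `CN=Users` for the built-in accounts) and the function names are assumptions.

```python
# Added example; DNs are assumed from the tree in the post, entries are constructed.
BASE = "DC=internal,DC=falsesage,DC=com"        # assumed from internal.falsesage.com
GROUP_DN = f"CN=SageX3Users,OU=sagex3,{BASE}"   # assumed DN of the X3 group

def escape_filter_value(value: str) -> str:
    """Escape a value for an LDAP search filter (RFC 4515 special characters)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def x3_user_filter(group_dn: str) -> str:
    """Filter for user objects that are direct members of group_dn."""
    return ("(&(objectCategory=person)(objectClass=user)"
            f"(memberOf={escape_filter_value(group_dn)}))")

# Constructed sample directory: (DN, objectClass, memberOf values)
ENTRIES = [
    (f"CN=Guest,CN=Users,{BASE}", "user", []),
    (f"CN=Administrator,CN=Users,{BASE}", "user", []),
    (GROUP_DN, "group", []),
    (f"CN=U-OU-A-TC-J,OU=OU-A-TC,OU=OU-SageAsia,{BASE}", "user", [GROUP_DN]),
    (f"CN=U-OU-US-TC-M,OU=OU-US-TC,OU=OU-SageUS,{BASE}", "user", [GROUP_DN]),
    (f"CN=G-OU-TEST-TC,OU=OU-Test,{BASE}", "group", []),
    (f"CN=U-OU-TEST-chunheng,OU=OU-Test,{BASE}", "user", [GROUP_DN]),
]

def search(base_dn: str, group_dn: str) -> list:
    """Simulate a subtree search under base_dn using x3_user_filter(group_dn)."""
    suffix = "," + base_dn.lower()
    wanted = group_dn.lower()
    return [dn for dn, cls, member_of in ENTRIES
            if dn.lower().endswith(suffix)               # subtree scope
            and cls == "user"                            # user objects only
            and wanted in (g.lower() for g in member_of)]  # memberOf match

if __name__ == "__main__":
    print(x3_user_filter(GROUP_DN))
    print("root base:", search(BASE, GROUP_DN))
    print("OU-SageAsia base:", search(f"OU=OU-SageAsia,{BASE}", GROUP_DN))
```

With the root as search base the three group members are returned and Guest and Administrator are skipped; a base set to a single OU only returns the member inside that OU.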
