I am trying to create a LDAP label to identify servers in multiple OUs as oppose to creating a label for each OU. Is this possible. The format I am currently using is:

(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=Servers,OU=Office A,OU=Location A,DC=domain,DC=com)

I want to be able to use the following in the same label but would like to know if there was able to split them. By themselves the filters work, but when trying to put them in the same label they do not work.

(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=Servers,OU=Office B,OU=Location B,DC=domain,DC=com)

Can this be done?

 

 

Answer Summary:
Cancel
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

2

I have now resolved this by creating a security group within AD and then created a LDAP smart label in KACE, below is the filter I have used:

Search Base DN: DC=domain,DC=com

Search Filter:

(&(memberOf=CN=Servers_Group_Name,OU=Groups - OU,DC=domain,DC=com)(name=KBOX_COMPUTER_NAME))

 

 

Answered 08/29/2013 by: jeanome
Senior White Belt

Please log in to comment
2
I know this is an old thread, but I tried to do the same thing when we started having to move machines between 2 OUs (those that had been upgraded to Windows 8 to the new OU, the Windows 7 machines in the old OU) but still wanted to reach them under one KACE label.

Anyway, this is what worked (using an OR in my LDAP query):

(&(objectclass=computer)(|(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=HC035,OU=HCBuilding,OU=StudentLabs,OU=Henderson,OU=Other,DC=somedomain,DC=someschool,DC=edu)(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=HC035,OU=HCBuilding,OU=MigratedWin8,OU=StudentLabs,OU=Henderson,OU=Other,DC=somedomain,DC=someschool,DC=edu)))

See the screenshot for the LDAP label:


Hope this helps someone,
Jonas
Answered 10/30/2014 by: SwissJay
Senior White Belt

  • This helped me solve my problem as a workaround for kbox inability to search in nested security groups.
Please log in to comment
1

you can always create an AD group and put the servers in that group, then ldap against that group.

Answered 08/28/2013 by: SMal.tmcc
Red Belt

Please log in to comment
1

Just before this post was replied to, I have created a group and added the servers into the security group. However I am trying to find the correct format to use when adding the ldap filter into KACE.

I am currently using this format:


(&(samaccountname=KBOX_COMPUTER_NAME)(memberOf=CN=Group name,OU=Groups,DC=domain,DC=com))
Answered 08/28/2013 by: jeanome
Senior White Belt

  • I think from reading this you just want to use name=
    http://www.itninja.com/question/trying-to-import-machines-into-a-kace-label-based-on-computer-group-membership
Please log in to comment
Answer this question or Comment on this question for clarity

Share