For software installations, I'd like to be able to create a user label specifically for users with a "faculty" role in Active Directory. I've tried building labels for users limited by OU, but I still ended up pulling in all AD users - how do I narrow this down? and can I target users by role?

When I create an LDAP label and test it, I get the correct number of entries found, but, for example, applying the label to a software installation in the User Console Library does not limit access. Am I missing a step?
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

0
You need to make sure you have the (SAMAccountname=KBOX_USER_NAME) field in your ldap search.

Here's a sample of mine.... (keep in mind that for me, I use the email as the username which is why I have mail=KBOX...)

(&(&(&(objectCategory=person)(physicaldeliveryofficename=*)(objectCategory=user)(mail=KBOX_USER_NAME))))

This pulls all users from the domain that have an office name in the LDAP.


Answered 06/26/2015 by: h2opolo25
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity

Share