Has anyone ever created an LDAP label that includes a wildcard? I would like a label that will apply to all machines in OUs beneath a certain level, but the LDAP labels only seem to apply to a specific terminal OU (one without children).

Our AD structure includes separate OUs for each lab:
Lab Systems
->Building 1
---->Lab 1
---->Lab 2
->Building 2
---->Lab 1


I tried making an LDAP label that looks for:
distinguishedName=CN=KBOX_COMPUTER_NAME,*,OU=Lab Systems,OU=GPO Exceptions,DC=FAS,DC=LCL)

but it doesn't apply to any systems. If I include the entire OU tree then the label applies, but I don't want a label for each lab, I'd like a label that would apply to all systems beneath the Lab Systems OU.

Thanks in advance.
0 Comments   [ - ] Hide Comments


Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity


If you are on a recent Domain setup, you may want to look at this article:

Answered 10/31/2011 by: scottlutz
Orange Senior Belt

Please log in to comment
Try something like this.

Search Base DN: OU=Lab Systems,OU=GPO Exceptions,DC=FAS,DC=LCL
Search Filter: (sAMAccountName=KBOX_COMPUTER_NAME$)
Answered 11/01/2011 by: ncsutmf
Second Degree Green Belt

Please log in to comment
Thanks, ncsutmf, that did the trick.
Answered 11/01/2011 by: steelc
Senior Yellow Belt

Please log in to comment