We have a few trusts setup.  The K1000 (verson 5.5) is setup to pull in users from multiple trusted domains and it appears to work fine.  User can log in without a problem.  The KBOX resides in DomainA.

I want to setup some LDAP user labels to manage some things on the KBOX.  I have some Domain Local groups setup in DomainA that have users from DomainB and DomainC, however the labels do not get applied to those users.  When I do a label test to check the count of how many users it is seeing the total is only the amount that are from DomainA.

Is it possible to have an LDAP label for user that include users from the multiple domains?

2 Comments   [ + ] Show Comments


  • I suppose you could use a ticket rule to manage this, as I know it sounds silly, but hear me out:

    You have an LDAP label setup for DOMAIN A = USER

    Setup an ldap label for the other 2 domains, lets call them USER_B and USER_C and have them all import.

    Setup a ticket rule in one of your queues to run in the morning about 5 minutes after your LDAP import that runs and checks for all users with label USER_B and Label USER_C to be changed to label USER. The SQL for this would require just finding the user table, finding them label with USER_LABEL_JT and assigning it the right label ID or hell, just finding out the USER labels ID and then setting a query to say if USER_B or USER_C is label name, then update USER.LABEL_ID = [USERS ID]

    This is just a 'at first glance' work around to not being able to assign 1 ldap label to multiple LDAP Functions.

    I could be way off and missing something simple, though, you can create more labels named the same but they will have mixed ID's so anything based on that label would need to be by name, not ID.
  • Wild,

    That is what I was thinking had to be done in order to get this to work. I was just hoping I could manage this without a lot of configuring in each of the domains.

    We are going to collapes these domains in the next few months so I don't want to put in the configuration needed, but your idea is excellent if I was going to keep these long term.
    • well even short term, you can make the ticket rule in the meantime (if you're pretty nifty with SQL, shouldn't be too hard) and then just disable or delete the rule after it's collapsed, in the meantime that would ensure everyone is on the same Label in the short term, so when they DO collapse everyone is where they need to be.

      EDIT: Used the word Meantime too many times.... in one sentence...
Please log in to comment

There are no answers at this time


Answer this question or Comment on this question for clarity