/build/static/layout/Breadcrumb_cap_w.png

Systems Management Question


How do I create user labels limited by Active Directory roles?

06/26/2015 2522 views
For software installations, I'd like to be able to create a user label specifically for users with a "faculty" role in Active Directory. I've tried building labels for users limited by OU, but I still ended up pulling in all AD users - how do I narrow this down? and can I target users by role?

When I create an LDAP label and test it, I get the correct number of entries found, but, for example, applying the label to a software installation in the User Console Library does not limit access. Am I missing a step?
0 Comments   [ + ] Show comments

Comments


All Answers

0
You need to make sure you have the (SAMAccountname=KBOX_USER_NAME) field in your ldap search.

Here's a sample of mine.... (keep in mind that for me, I use the email as the username which is why I have mail=KBOX...)

(&(&(&(objectCategory=person)(physicaldeliveryofficename=*)(objectCategory=user)(mail=KBOX_USER_NAME))))

This pulls all users from the domain that have an office name in the LDAP.


Answered 06/26/2015 by: h2opolo25
Red Belt

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ