/build/static/layout/Breadcrumb_cap_w.png
09/23/2019 118 views

Hi All,

We are currenlty working on a K1000 9.1.317 system which we obviously use for software management.
I've inherited the system from a predecessor and I found it was time to cleanup a bit as pc's are not organized at all.

Since we are working on 2 continents, and our MS AD is set to have multiple branches depending on the office I found the LDAP filters interesting to use.

Basically we have

DC

--> OU=Office 1
----> OU=users
----> OU=Workstation

PkzecMBAAAAAEpBEDQAAAAAFgcEEAAAAAAWR5EAOh6PkzccAAAAAKAUBEEDAAAAYHH8H6w8r0xITr4OAAAAAElFTkSuQmCC-> OU=Office 2
----> OU=users
----> OU=Workstation


My intend is to have 2 filters based on the computers in Office 1 and Office2.
As filter I've been using "(objectclass=computer)"/"(CN=KBOX_COMPUTER_NAME)" "just blank as the ou gets all pc's"


The LDAP browser seems to work fine using the created Search Base DN

xOAAAAABJRU5ErkJggg==


But the filter applied is alwas failing.

ANy thoughts how and why?

wO8Sj5bdIOyxAAAAABJRU5ErkJggg==



Thanks

Kristof



Answer Summary:
2 Comments   [ + ] Show comments

Comments

  • Have you thought about going to multiple orgs in your kbox and using org filters to separate the machines into the orgs? That would allow you to manage each site and also allow site admins, have different settings based on location etc.
  • Hi SMal.tmcc - that was exactly what I was thinking off.

    The thing is (and perhaps there is my flaw) is that the K1000 agent is installed during K2000 scripted installation but device always seem to get in the default organization.
    But in that same K2000 deployment I'm adding the workstation to the domain, and move it to the just OU.

    My idea was to assign a ldap filter to an organization and since the workstation was in the just ou, the filter would work automatically.

    I don't even need a special filter of somekind, just get all the pc/workstations matchin in a OU.

    Kristof

Answer Chosen by the Author

1

you need to query objectcategory vs objectclass.  object class is a multi-string array

https://docs.microsoft.com/en-us/windows/win32/ad/object-class-and-object-category

2Q==

Answered 09/23/2019 by: SMal.tmcc
Red Belt

  • Well that does seem to do the trick using it like (objectClass=computer) but as you can see in the screenshot it didn't work before.
    I did a reboot of the k1000 and now seems to work out of the box....
    funky ;-)

    Thanks for the answer @SMal.tmcc