/build/static/layout/Breadcrumb_cap_w.png

KACE Product Support Question


KACE - Import Active LDAP Users

06/08/2016 4208 views
We are planning on importing a lot of our users in our K1000 and we want to prevent the scenario of garbage in/garbage out. Is there a way to filter it so only ACTIVE users in AD are imported? Second is there a way to actively remove disabled/deleted accounts in AD automatically vs manual cleanup? 

my current filter looks like this 
Base DN: OU=Users,OU=Company,OU=Hosted,DC=DOMAIN,DC=local 
Advanced Search: samaccountname=KBOX_USER

I asked support and they said this isn't a feature now. Not sure how difficult this is to implement but if they query LDAP server for status of user why not provide an option to remove disabled/inactive users?

Thanks
2 Comments   [ + ] Show comments

Comments

  • See if this will work for the Search Filter:
    (&(samaccountname=KBOX_USER_NAME)(&(objectCategory=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))))
  • Thanks that worked. I had to change from KBOX_USER_NAME to KBOX_USER for the filter to work.

All Answers

2
See if this will work for the Search Filter:
(&(samaccountname=KBOX_USER)(&(objectCategory=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))))
Answered 06/08/2016 by: KACE_Irwin
Second Degree Brown Belt

  • Depending on whether your using the browser or ldap setup, you may want to try and interchange (&(samaccountname=KBOX_USER) with (&(samaccountname=*)

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ