No announcement yet.

Custom LDAP Query to Populate System Set Membership

  • Filter
  • Time
  • Show
Clear All
new posts

  • Custom LDAP Query to Populate System Set Membership

    I have an Active Directory group named Computers-ERPM-DMS. There are 4 servers that are members of this group. Within ERPM, I have a System Set named SSC_DMS. In System Set properties > Active Directory Paths I'm trying to use a custom LDAP query so only members of the Computers-ERPM-DMS AD group will be contained in the SSC_DMS system set. Here's the current syntax:

    (&(objectCategory=computer)(memberOf=CN=Computer s-ERPM-DMSProd,CN=Computer Groups,DC=xxxxxxx,DC=com))

    Is there anything wrong with the syntax? For the LDAP Path I've tried both the top level and led it down to a more specific OU and neither worked.

    *I've used xxxxxxx to hide our domain name.

  • #2
    It appears to be a typo in the DN of the memberOf attribute. Active Directory does not have a container (CN) called "Computer Groups" - only the "users" and "computers" serve this purpose. Rather, it is most likely that "Computer Groups" is an organizational unis (OU).

    Thus the path is most likely: CN=Computer s-ERPM-DMSProd,OU=Computer Groups,DC=xxxxxxx,DC=com

    Hope that helps.

    1875 Century Park East, Suite 1200
    Los Angeles, CA 90067
    Main: (800) 829-6263
    International: +1 (310) 550-8575
    Fax: (310) 550-1152