LDAP limit user search on specific OUs
I have been wondering whether it is possible to limit OUs in search base. This is how my hierarchy looks like:
Now, my search base is: dc=prod,dc=prod,dc=co
Is there possibility to limit user search only to these:
- OU=PROD,OU=SYS
- OU=PROD,OU=Int
- OU=UNIX
I'm a noob in this area, would be really welcome if someone could help.
Not sure if it is possible to use userSearchBase for multiple OUs (so far I understood that it is not possible, although for sssd I saw example which works) I think some user search filter might do it but wasn't really successful unfortunately
Solution
Yes, you can limit the search base to multiple or single OU's.
Ranger does accept multiple search bases, for example:-
OU=PROD,OU=SYS,dc=prod,dc=prod,dc=co;OU=PROD,OU=Int,dc=prod,dc=prod,dc;OU=UNIX,dc=prod,dc=prod,dc=co
Few thing to note, it has to be separated by ";" and it needs full path including "dc" values.
- Why does LDAP requires a two step "login" (connect and then bind)
- "é" become "ã©" while using ldap_modify_batch() in php
- How to check a username/password combination?
- How do I modify a Boolean LDAP Active Directory attribute using Net::LDAP?
- How do I unblock LDAP users in GitLab-CE
- Environment variables not defined in SSH AuthorizedKeysCommand (Docker)
- How can I cause ldap_simple_bind_s to timeout?
- Unknown Error (0x80005000) with LDAPS Connection
- Connect to Active Directory using LdapConnection class on remote server
- How to search for users in Active Directory from ASP.NET Core
- LDAP attribute to encode the language of human users mother tongue?
- How to remove multiple entries by a single ldap request in unboundid?
- ldap_add: No such object (32) when adding the root entry (initial ldif)
- Working with DirectoryServices in ASP.NET Core
- Automate joining Active Directory (AD) using Kerberos keytab?
- LdapCtxFactory because module java.naming does not export com.sun.jndi.ldap to unnamed module
- Springboot LDAP integration
- Can't Get Users' Active Directory Enabled Status in C#
- ldapsearch - truncating the result
- While trying to resolve a cross-store reference, the SID of the target principal could not be resolved. The error code is 1332
- Using LexikJWTAuthenticationBundle with an LDAP Provider
- Mapping Ldap groups to role of the application in tomcat
- LDAP: `ldapadd` Works but `ldapdelete` Does Not
- Why is my Spring LDAP search failing to return a user
- LDAP authentication using Spring security 2.0.3
- Custom UserProvider config symfony 4
- ActiveMQ Artemis JAAS LDAP - logged-in user has no access to anything
- GitLab LDAP Authentication Issues (SSL_connect, user auth)
- active directory filter with objectGUID encoded as specified in rfc2254 doesn't work
- Adding users temporarily to Active Directory groups using PHP