
LDAP filtering with Synchronization?

We have our server set up to synchronize with our AD; however, the dashboard numbers seem off due to our Disabled Computers OU.  I've tried a few ways to add (&(!userAccountControl:1.2.840.113556.1.4.803:=2))  (computers not disabled) to the LDAP container and have been unsuccessful.  Is there any way to synchronize only computers that are not disabled?


This thread was automatically locked due to age.
  • Hi,

    Afraid not, the only options I can think of are:

    1. Move the syncpoint (possibly create multiple) to only sync OUs with valid computers.

    2. Possibly explicitly deny access to the management server machine account to the OU with disabled computers in it.  As the management service runs as system, when it talks to AD it will use the machine account.

    Regards,

    Jak

  • Thanks for the reply.  As much as we didn't want to restructure our AD for a change as simple as stats in the enterprise manager, I think we will go through with it.  I'm not exactly sure how LDAP queries are performed server side, but we are hoping it increases performance of other products we use to synchronize as well.

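For planning the sync points suggested in option 1 of the reply, here is an added example that is not part of the original thread: a Python sketch that takes exported computer objects, applies the same test the filter's bit-AND rule performs (bit 2 of userAccountControl, ACCOUNTDISABLE), and reports the topmost OUs whose whole subtree contains no disabled computers. It assumes a sync point pulls in everything beneath it; the function names and the sample DNs and values are constructed for illustration.

```python
import re
from collections import Counter

ACCOUNTDISABLE = 0x2  # bit tested by userAccountControl:1.2.840.113556.1.4.803:=2

# Constructed sample export: (distinguishedName, userAccountControl).
# 4096 = workstation trust account, 4098 = the same account with the disabled bit set.
SAMPLE = [
    ("CN=WS01,OU=Desktops,OU=Workstations,DC=example,DC=test", 4096),
    ("CN=WS02,OU=Desktops,OU=Workstations,DC=example,DC=test", 4096),
    ("CN=LT01,OU=Laptops,OU=Workstations,DC=example,DC=test", 4096),
    ("CN=LT02,OU=Laptops,OU=Workstations,DC=example,DC=test", 4098),
    ("CN=OLD\\,PC,OU=Disabled Computers,DC=example,DC=test", 4098),
    ("CN=SRV01,OU=Servers,DC=example,DC=test", 4096),
]

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    return re.split(r"(?<!\\),", dn)

def containers_above(dn):
    """Yield every OU/CN container above the object, nearest first."""
    rdns = split_dn(dn)
    for i in range(1, len(rdns)):
        if rdns[i][:3].upper() != "DC=":
            yield ",".join(rdns[i:])

def subtree_counts(entries):
    """Count enabled and disabled computers in each container's subtree."""
    enabled, disabled = Counter(), Counter()
    for dn, uac in entries:
        bucket = disabled if uac & ACCOUNTDISABLE else enabled
        for container in containers_above(dn):
            bucket[container] += 1
    return enabled, disabled

def clean_sync_points(entries):
    """Topmost containers with enabled computers and no disabled ones below."""
    enabled, disabled = subtree_counts(entries)
    clean = {c for c in enabled if disabled[c] == 0}
    parent = lambda c: ",".join(split_dn(c)[1:])
    return sorted(c for c in clean if parent(c) not in clean)

def mixed_containers(entries):
    """Containers whose subtree holds both enabled and disabled computers."""
    enabled, disabled = subtree_counts(entries)
    return sorted(c for c in enabled if disabled[c] > 0)

if __name__ == "__main__":
    print("Sync here:", clean_sync_points(SAMPLE))
    print("Needs cleanup first:", mixed_containers(SAMPLE))
```

Containers reported as mixed still hold disabled machines outside the Disabled Computers OU, so syncing them would bring the stale entries back into the dashboard counts.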