LDAP User Import - Multiple DSN/Recursive

[Martyn Houghton]

Is it possible to get the LDAP User Import tool to support multiple DSN entries so you an import in one iteration from a structured user directory were you have multiple containers within OU=Users?

Alternatively is it possible to get the import tool to recursively search down from the specified DSN?

At the moment we will have to create a conf.json configuration file for each leaf level user container within our structured User container.

Cheers

Martyn

[TrevorKillick]

Hi Martyn

I will do some investigation and get back to you, its certainly possible to expand the Configuration so you can supply multiple DSN's. I will see how feasible it would be to recursively search from from one DSN to its children.

Kind Regards

Trevor

[TrevorKillick]

Hi Martyn

Looking through the Library we use to make the LDAP query there is an option input for Scope that supports the following:

ScopeBaseObject = 0

ScopeSingleLevel = 1

ScopeWholeSubtree = 2

Currently its set to 0 and this is not configurable, i have raised a Change CH00138411 to expose the full set of search options, would being able to query the whole sub tree negate the requirement for you to search multiple DSN's?

Kind Regards

Trevor

[Martyn Houghton]

Trevor

The ability to query the whole tree structure would alleviate the need to use multiple DSN, though ideally we would want to filter some sub containers out. Not how powerful the filter option is.

Could you add a query into the filter statement that would exclude users contained within a certain sub container?

Cheers

Martyn

[Gerry]

Hi Martyn,

I am pretty sure LDAP querying is not that flexible, if you want to be selective with the data you pull from the LDAP structure you probably only have two options.

1. Multiple LDAP queries, each one targeting the data you want, as many queries as you have data sets.

2. Global query where you do a topdown search that will include everything you want and then in your processing (i.e. the code processing the query) you filter the result set down to what you need.

For ultimate control over this, I would personally opt for option 1 for maintainability, but if you have special processing depending on the data I would go with the second option so I had more control over the data I am processing. In practice you may well need to use a combination of both approaches.

Hope that helps.

Gerry

[Martyn Houghton]

Gerry

For the moment we are going to go with multiple iterations LDAP queries/json config files take in each container.

If the option to search the whole sub tree, if feasible, would at least allow us to get all the users even if not all of them are required.

Cheers

Martyn

[TrevorKillick]

Hi Martyn

The latest version of the LDAP user Import Utility can be downloaded from out Wiki or found on GitHub

Kind Regards

Trevor Killick

[Martyn Houghton]

Trevor

Thanks, I will give that a go with the scope setting to drill down the sub containers.

Cheers

Martyn