- Join Now
Can ILST query from the domain root?
2 months ago
Our IAM team is currently in the process of reorganizing our AD tree, which is causing some issues with our ILST sync process. They are moving users from the ou=Employees,dc=OurCompany,dc=com to either ou=USA or ou=Canada (in the domain root). We manage permissions via AD group membership, but because we have the "BaseDN" value for our connection set to ou=Employees,dc=OurCompany,dc=com our ldap queries are no longer syncing employees moved to the new "USA" or "Canada" locations.
I know I can run the dsquery command below and get all of the group members:
dsquery * domainroot -filter "&(objectCategory=person)(objectClass=user)(memberOf=CN=OurCompany Community Sync,OU=Security Groups,OU=UserGroups,DC=OurCompany,DC=com)"
Does anyone know the equivalent to that in ILST? I attempted to set <BaseDN>dc=OurCompany,dc=com</BaseDN> but received a fairly generic error from:
2020-09-22 14:16:07.3731|ERROR|ILST.Program|Error during Sync occurred: An operation error occurred., at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at ILST.Connection.SearchDirectory(String searchFilter, String attributesRequired, String baseDN, SearchScope scope)
at ILST.UserAccount.GetUsers(ConnectionContainer connections)
Has anyone had to configure ILST to query users from the domain root? Any help would be greatly appreciated.
- 35 views
- 17 previews
- 1 version
- 2 replies
- 1 follower
- Posted By:
- Jason Bishop
- September 22, 2020
About this forum
- 7,133 views
- 1203 topics
- 33 followers
Ask your product questions using this forum and get help from our experts.
Viewed 35 times