Need Ldap query to prevent user search in particular OU's in active directory RRS feed

  • Question

  • We need to skip user search in particular OU. So what will be the ldap query to search all user's except from specified OU and it's sub OU's.
    Monday, October 22, 2018 11:04 AM

All replies

  • An LDAP filter cannot exclude OU's. You can set the base of the query (the OU where the query starts) and the scope (oneLevel means only query the base, subTree means also query all nested OU's). Otherwise, the only recourse is code/script to analyze the distinguished names in the results and exclude those in specified OU's.

    It sounds like you can get what you want if you can specify the base OU and scope of subtree (which should be the default). The base must be the full distinguished name of the OU.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Monday, October 22, 2018 3:20 PM