ADAMSync Groups from Specific OU in AD


  • All,

    I am trying to create an AD to LDS sync which will include Users and Groups from a specific OU in AD.  I can't seem to find an LDAP query that will pull all the groups and users from an OU.  I have no problem syncing users from a specific group using (&(objectClass=user)(objectCategory=Person)(memberof=CN=Claims,OU=SecGroups,OU=BusUnitX,OU=Businesses,DC=mini,DC=contoso,DC=com)) .

    Essentially what I am looking for is a wildcard query for everything in OU=SecGroups, but I know that wildcards don't work.  Is this doable in a way that I am not seeing?  Pulling all groups from AD isn't practical as it pulls in tens of thousands of groups I don't need, and creating an LDAP string for each group in the OU would be impractical as this OU has about 400 groups in it.  Plus that just gets me user info and not group info (I need the "members" info in the Group attribute).

    Any thoughts would be appreciated.


    Wednesday, February 1, 2017 9:32 PM

All replies