OpenLDAP MA Connector Filter RRS feed

  • Question

  • FIM 2010 R2
    100% new to this application and maybe I have the wrong expectations for what I am about to explain.

    Intended Purpose: pull users from a ldap source, import them into Exchange/AD as a Contact list in Exchange GAL. (One-Way Sync)

    Current status: AD GAL MA configured, working. OpenLDAP MA configured, am finally able to pull in users however they do not seem to be filtered.

    From ldap, I need to filter out any user where either 'mail' is empty(not defined) and/or if logshell equals /bin/false

    In the OpenLDAP MA config > Configure Connector Filter,
    Data Source Object Type: inetOrgPerson
    AND Data Source Object Type: top

    Filter Type: Declared

    I set 3 filters
    1. mail : is present
    2. logshell : Does not equal : /bin/false
    3. mail : is present AND logshell : does not equal : /bin/false

    On Full Import, it seems to be importing the full ldap directory, seems a lot of these same users that I want to filter are appearing as discovery-errors : unmappable-object-type - others are being imported.

    • Edited by Kitt.Carr Sunday, October 20, 2013 10:27 PM syntax cleanup
    Sunday, October 20, 2013 10:23 PM

All replies

  • Would this be my answer? When/who uses ‘connector filter rules

    Sunday, October 20, 2013 10:30 PM
  • Hello,

    yes thats correct, filter are only applied on sync, so you will have all objects in the CS of your openldap ma.

    I suggest to modify the source code of the ma to apply the filter within the code by changing the LDAP search.

    Maybe you would also have a look at this article.

    If you use the openLDAP-xma Keep in mind that XMA Framework is deprecated and will be removed in the nex release.


    Peter Stapf - Doeres AG - My blog:

    Monday, October 21, 2013 7:56 AM