Hyland Connect

excitedbynoise · ‎03-11-2011

I'm trying to sync Alfresco with multiple AD OUs. I initially had 1 statement in the config:

"ldap.synchronization.userSearchBase=ou=Employees,dc=mydomain,dc=loc"

I added a second:

"ldap.synchronization.userSearchBase=ou=Portal Users,dc=mydomain,dc=loc"

Once it was added it seems to have wiped out all my my people from the employees OU. How can I sync both OUs to Alfresco?

durrell · ‎03-14-2011

This was one of the toughest concepts for me to grasp, as I was new to Alfresco AND AD when I set it up. I recommend using an Active Directory browser like Apache Directory Studio to query your information out and find a search string that works for you. My search string searches based on Description, which is really probably a bad idea, but since our account creation is driven from another database and scripted automatically I haven't had any issues. All of our users are in a single OU, which breaks down into smaller OUs depending on what type of User they are.

What you need to do is move your search base up a directory so that it includes both OUs and then query down to include both of those OUs in the personQuery.

Hope that makes sense. Here are my two strings:



# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(|(description=Facult*)(description=Staf*)(description=Adjunc*)))

# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=ou=Users,ou=root,dc=default,dc=com
‍‍‍‍‍‍‍‍

Hyland Connect

LDAP Sync w/ Multiple OUs