Importing users and groups with LDAP import This article describes how you can import users and groups with LDAP import.
To import users and groups with LDAP import:
- Set up an LDAP or FILE import profile from Groups and Users > Import/Auth Profiles.
- There's a profile available by default, click on it.
- The below window opens. Select Advanced LDAP Options >> to view all fields. Fill in the fields as necessary.
| Setting | Value |
|---|
| Host/IP Address | Active directory server |
| Base DN | A Distinguishable name for the AD scope. Example: DC=mc2008,DC=fi |
| Bind DN | The user whose credentials are used to access the AD. Use the User Principal Name (UPN), "internet-style name". Example: administrator@mc2008.fi |
- Go to the Advanced tab. The below window opens. Fill in the fields as necessary.
| Setting | Value |
|---|
| Filter | Active Directory Query Parameters TIP: (Example: mail=*mc2008.fi) |
| Map UID to Attribute | Unique Attribute in the LDAP Directory |
User Import - Advanced examples
Import one specific domain (mail=*@mc2008.fi)
Exclude objects (NOT) (&(mail=*@mc2008.fi)(!(objectClass=group))) (&(mail=*@mc2008.fi)(!(description=noimport))) (&(mail=*)(!(UserAccountControl:1.2.840.113556.1.4.803:=2))) Ignore disabled users
Use two attributes (AND) (&(mail=*)(sn=Mc2008))
Use two attributes (OR) (|(sn=Mc2010)(sn=Mc2008))