Idea ID 2853103
I have the following situation:
200K user objects in one OU who are all synced. Of these, only about 5500 are allowed to enroll in AAF. We have extended our eDirectory schema with the eduPerson class, with the attribute eduPersonAffilliation set to 'employee' in case they're entitled.
Furthermore, I need to exclude all accounts that have a specific status in another custom attribute called sccStatus.
So arbitrary LDAP filters are important. I understand that AA was originally AD-only and no one touches the AD-schema.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.