Allow specification of an advanced LDAP filter on user import

Idea ID 2853103

Allow specification of an advanced LDAP filter on user import

I have the following situation:

200K user objects in one OU who are all synced. Of these, only about 5500 are allowed to enroll in AAF. We have extended our eDirectory schema with the eduPerson class, with the attribute eduPersonAffilliation set to 'employee' in case they're entitled.

Furthermore, I need to exclude all accounts that have a specific status in another custom attribute called sccStatus.

So arbitrary LDAP filters are important. I understand that AA was originally AD-only and no one touches the AD-schema.

Tags (2)
1 Comment
Lieutenant Commander
Lieutenant Commander

I agree, this is something that would be extremely helpful for license management as well. Scoping a high level OU with intermixed users who should be able to or not able to use the product is not feasible. Allowing a custom LDAP filter query would alleviate this.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.