Monday, June 29, 2009

Using User Filter to Limit User Profile Import in SharePoint

If you’ve ever tried to set up SharePoint 2007 to import user profiles via LDAP, you’ll like this post. Setting up the SSP to import profiles is a fairly simple task; what is not so easy is applying the right LDAP user filter to import only the accounts that you want from Active Directory. I’d like to share my experience with applying user filters and some of the excellent user filter examples I have found. The user filter is the string entered in the User filter field on the “Create New Connection” page, which is in the User Profile and Properties section of the SSP.

Below are some samples of LDAP User Filters:

Default user filter:
(&(objectCategory=Person)(objectClass=User))

Exclude disabled accounts:
(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

Exclude accounts with no email address and disabled accounts:
(&(objectCategory=Person)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(mail=*))

Exclude accounts with passwords set to expire:
(&(objectCategory=person)(objectClass=user)(!(userAccountControl=65536)))

Include only the accounts with valid email addresses:
(&(objectCategory=Person)(objectClass=User)(mail=*com))

Include only the accounts that are part of the Branch1 organizational unit:
(&(objectCategory=Person)(objectClass=User)(memberof:1.2.840.113556.1.4.1941:=(CN=Authenticated Users,OU=Branch1,DC=domain,DC=local)))

Exclude accounts that don’t have a first name:
(&(objectCategory=Person)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(!(givenName=*))))
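A way to check a user filter before pasting it into the connection page, as an added example that is not part of the original post: a strict parser (every operand parenthesised, as the RFC 4515 filter grammar requires) plus an evaluator for the bitwise-AND rule used above, run against constructed directory entries. The names `parse`, `matches`, `select`, `USER` and `ENTRIES` are hypothetical, and only equality, presence, `*` wildcards and the 1.2.840.113556.1.4.803 rule are modelled. It also shows that a plain `userAccountControl=65536` test compares the whole stored value, while the bitwise rule tests a single flag.

```python
import re

BIT_AND = "1.2.840.113556.1.4.803"  # bitwise-AND matching rule used in the filters above

def parse(f, i=0):  # parse one strictly parenthesised filter at f[i] -> (node, next index)
    if f[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i:i + 1] in ("&", "|", "!"):
        op, kids, i = f[i], [], i + 1
        while f[i:i + 1] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        if not kids or (op == "!" and len(kids) != 1):
            raise ValueError(f"'{op}' needs parenthesised operand(s) at offset {i}")
        node = (op, kids)
    else:
        j = f.find(")", i)
        m = re.fullmatch(rf"([\w-]+)(?::({re.escape(BIT_AND)}):)?=(.*)", f[i:j]) if j > i else None
        if not m:
            raise ValueError(f"malformed or unsupported item at offset {i}")
        node, i = ("item", *m.groups()), j
    if f[i:i + 1] != ")":
        raise ValueError(f"missing ')' at offset {i}")
    return node, i + 1

def matches(node, entry):  # evaluate a parsed filter against one entry (lower-case keys)
    if node[0] in ("&", "|"):
        return (all if node[0] == "&" else any)(matches(k, entry) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    _, attr, rule, want = node
    have = entry.get(attr.lower())
    if rule == BIT_AND:  # true only when every bit of `want` is set in the stored value
        return have is not None and (int(have) & int(want)) == int(want)
    pattern = ".*".join(re.escape(p) for p in want.split("*"))  # '*' is the only wildcard
    return have is not None and re.fullmatch(pattern, str(have), re.IGNORECASE) is not None

USER = {"objectcategory": "person", "objectclass": "user"}  # constructed sample data below
ENTRIES = {"alice": {**USER, "useraccountcontrol": 512, "mail": "alice@example.com"},  # normal
           "bob": {**USER, "useraccountcontrol": 514, "mail": "bob@example.com"},  # 512 + 2, disabled
           "svc": {**USER, "useraccountcontrol": 66048}}  # 512 + 65536, password never expires

def select(filt):  # names of the constructed entries the filter keeps; raises on bad syntax
    node, end = parse(filt)
    if end != len(filt):
        raise ValueError(f"unexpected text at offset {end}")
    return sorted(name for name, entry in ENTRIES.items() if matches(node, entry))
```
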
