/build/static/layout/Breadcrumb_cap_w.png

Creating a K1000 LDAP label for multiple OUs

I am trying to create a LDAP label to identify servers in multiple OUs as oppose to creating a label for each OU. Is this possible. The format I am currently using is:

(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=Servers,OU=Office A,OU=Location A,DC=domain,DC=com)

I want to be able to use the following in the same label but would like to know if there was able to split them. By themselves the filters work, but when trying to put them in the same label they do not work.

(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=Servers,OU=Office B,OU=Location B,DC=domain,DC=com)

Can this be done?

 

 

Asked 10 years ago 9362 views
0 Comments   [ + ] Show comments

Answers (4)

Answer Summary:
Posted by: jeanome 10 years ago
Senior White Belt
2

I have now resolved this by creating a security group within AD and then created a LDAP smart label in KACE, below is the filter I have used:

Search Base DN: DC=domain,DC=com

Search Filter:

(&(memberOf=CN=Servers_Group_Name,OU=Groups - OU,DC=domain,DC=com)(name=KBOX_COMPUTER_NAME))

 

 

Comments:
Posted by: SwissJay 9 years ago
Senior White Belt
2
I know this is an old thread, but I tried to do the same thing when we started having to move machines between 2 OUs (those that had been upgraded to Windows 8 to the new OU, the Windows 7 machines in the old OU) but still wanted to reach them under one KACE label.

Anyway, this is what worked (using an OR in my LDAP query):

(&(objectclass=computer)(|(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=HC035,OU=HCBuilding,OU=StudentLabs,OU=Henderson,OU=Other,DC=somedomain,DC=someschool,DC=edu)(distinguishedName=CN=KBOX_COMPUTER_NAME,OU=HC035,OU=HCBuilding,OU=MigratedWin8,OU=StudentLabs,OU=Henderson,OU=Other,DC=somedomain,DC=someschool,DC=edu)))

See the screenshot for the LDAP label:


Hope this helps someone,
Jonas
Comments:
  • This helped me solve my problem as a workaround for kbox inability to search in nested security groups. - bens401 8 years ago
Posted by: SMal.tmcc 10 years ago
Red Belt
1

you can always create an AD group and put the servers in that group, then ldap against that group.

Posted by: jeanome 10 years ago
Senior White Belt
1

Just before this post was replied to, I have created a group and added the servers into the security group. However I am trying to find the correct format to use when adding the ldap filter into KACE.

I am currently using this format:


(&(samaccountname=KBOX_COMPUTER_NAME)(memberOf=CN=Group name,OU=Groups,DC=domain,DC=com))
Comments:
  • I think from reading this you just want to use name=
    http://www.itninja.com/question/trying-to-import-machines-into-a-kace-label-based-on-computer-group-membership - SMal.tmcc 10 years ago

Posted by:

jeanome Senior White Belt
Ninja since: 10 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

KACE Product Support Questions
question

Related Questions

Link

Related Links

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ