Users' questions

What is group base DN?

by Rhyley Bryan

What is group base DN?

The user or group DN is added onto the base DN, and will be used as the starting place to look for users and groups. This is helpful when your users are located at a different location to the groups they’re a part of. For example, consider the following: Base DN: dc=example,dc=local. User DN: ou=Users.

How do I find my LDAP group DN?

Finding the Group Base DN

  1. Open a Windows command prompt.
  2. Type the command: dsquery group -name .
  3. In Symantec Reporter’s LDAP/Directory settings, when asked for a User Base DN, enter: CN=Users,CN=Builtin,DC=MyDomain,DC=com.

How do I find base DN and group DN?

To find out your user and group base DN, you can run a query from any member server on your Windows domain. To find the User Base DN: – Open a Windows command prompt. – Type the command: dsquery group -name .

Can a base DN for LDAP queries be a group Dn?

(NNMi on RHEL6 to Active Directory on W2K8 R2) I know I can get it to work if I use the OU that my users are in as the base DN for the lookup. Trouble is, my NNMi users exist in many disparate OUs. So, what I wanted to try was to create a group for NNMi Users, and put them all in that. Then use the DN for the group as the base DN for the query.

Where can I find the group base DN?

To find the Group Base DN: – Open a Windows command prompt – Type the command: dsquery group -name . (Example: If I were searching for a group called Users, I could enter the group name as Users* to get a list of all groups who’s name contains “Users”) – The result will look like: “CN=Users,CN=Builtin,DC=MyDomain,DC=com”

How to determine LDAP scope for user and group search?

While you should already know the user DN (Distinguished Name) you are using for your LDAP connection, it can be helpful to review the users and groups in Apache Directory Studio to determine the best scope for your Crowd LDAP directory configuration. Crowd comes with default configurations that will work for most customers.

What are the valid parameters for a LDAP query?

You can refine search objects using the objectCategory and objectClass attributes. Valid parameters: person, user, contact, computer, groups. Using the following filter, select all users named Jon: Let’s consider some useful examples of LDAP queries that are often used by the AD admins.