
LDAP limit user search on specific OUs

I have been wondering whether it is possible to limit OUs in the search base. This is what my hierarchy looks like:

[Image: enter image description here]

Now, my search base is: dc=prod,dc=prod,dc=co

Is there a possibility to limit the user search only to these:

  • OU=PROD,OU=SYS
  • OU=PROD,OU=Int
  • OU=UNIX

I'm a noob in this area, would be really welcome if someone could help.

Not sure if it is possible to use userSearchBase for multiple OUs (so far I understood that it is not possible, although for sssd I saw an example which works). I think some user search filter might do it, but I wasn't really successful, unfortunately.

Yes, you can limit the search base to multiple or single OUs.

Ranger does accept multiple search bases, for example:

OU=PROD,OU=SYS,dc=prod,dc=prod,dc=co;OU=PROD,OU=Int,dc=prod,dc=prod,dc;OU=UNIX,dc=prod,dc=prod,dc=co

A few things to note: it has to be separated by ";" and it needs the full path including the "dc" values.
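The two rules in the answer above (a ";" separator and a full DN including the "dc" components for every entry) can be checked before the value goes into the configuration. This is an added example, not part of the original answer or of Ranger; the function names are hypothetical and the DN parsing is simplified (no escaped commas or multi-valued RDNs).

```python
# Added example: assemble and check a ';'-separated multi-OU search base.
BASE_DN = "dc=prod,dc=prod,dc=co"  # search base from the question
RELATIVE_OUS = ["OU=PROD,OU=SYS", "OU=PROD,OU=Int", "OU=UNIX"]  # OUs from the question


def split_rdns(dn):
    """Split a DN into lower-cased (attribute, value) pairs.

    Raises ValueError when a component has no attribute or no value.
    Simplified parsing: escaped commas are not handled (assumption).
    """
    rdns = []
    for part in dn.split(","):
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr or not value:
            raise ValueError(f"malformed RDN {part!r} in {dn!r}")
        rdns.append((attr.lower(), value.lower()))
    return rdns


def build_search_base(relative_ous, base_dn):
    """Append the full base DN to each relative OU and join with ';'."""
    return ";".join(f"{ou},{base_dn}" for ou in relative_ous)


def check_search_base(value, base_dn):
    """Return (entry, problem) pairs for entries that break either rule."""
    base = split_rdns(base_dn)
    problems = []
    for entry in value.split(";"):
        try:
            rdns = split_rdns(entry)
        except ValueError as exc:
            problems.append((entry, str(exc)))
            continue
        # Every entry must end with the complete base DN, dc values included.
        if rdns[-len(base):] != base:
            problems.append((entry, "does not end with the full base DN"))
    return problems


if __name__ == "__main__":
    value = build_search_base(RELATIVE_OUS, BASE_DN)
    print(value)
    print(check_search_base(value, BASE_DN))
```

An entry that fails the check would either be rejected by the directory or silently widen or narrow the set of users that get synced, so it is worth running this on the final string rather than on the individual OUs.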
