Thursday, July 12, 2007

Using LDAP to Import User Profiles into MOSS 2007

This simple task turned out to be extremely annoying. Apparently LDAP (Lightweight Directory Access Protocol) is not universal. There are multiple languages for LDAP. For example, I create a simple query using LDAP in Active Directory to retrieve all the users from a particular group in a particular OU. Works in the Active Directory test, so thinking it works fine there and the fact it is Microsoft, that copy and paste would do just fine.

Nope.

Something that should only have taken a couple minutes, ended up taking me many hours. The frustration was just irritating. In any case, here is an example of an LDAP filter that works in MOSS 2007 that retrieves all the users in the "SharePoint Users" security group.

Search Base:
DC=,DC=com

User Filter:
(&(objectCategory=Person)(objectClass=user)(memberOf=CN=SharePoint Users,OU=Information Technology,DC=,DC=com)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

No comments: