    Importing users from AD via LDAP

    Mark6785 Apprentice

      I'm trying to set up an LDAP connection to AD to see if it works any better than the present "Active Directory Connector" connection


      So I set up a new connection , as shown above , and then I set up 3 ( a dont know what they are called - sub connections?)  one for each of the 3 object classes. The difference being they all seem to have different attributes in them. So I pick a few attribs , make one the key and save the connection.


      Then I go to query editor and see if a can set up a query - i can , I can find the ldap connection and the sub-object thing , and see the attribs I picked - so I pick a few for the query output , I test the query ( with no criteria set) and nothing!


      Additionally if I do put any criteria in ( on DN anyway)  it usually crashes with this error:

      It seems no condition types are supported for distinguished name - is that normal?


      Any advice welcome,


          andreas.lindner Expert



          Active Directory connections are a bit bitchy about how you query them. Any criteria in a query on an AD connection should at least not throw an exception, but, in my experience, won't work either.

          I think that it has something to do with how the AD is queried, using LDAP and not SQL. Queries don't seem to be able to build up "LDAP Filter Strings" from the filter criteria, to restrict the displayed query results.


          However, the LDAP Filter in the Connection Types itself will work perfectly fine.

          There are some pretty good articles in the community on how to use the LDAP Filter. Otherwise I can recommend www.selfadsi.org

