Trying to use DirSync on a specific OU in Active Directory

Question

I am trying to use DirSync to get all changes to users in a particular OU (using C#). From what I've read, the root of the search must be the root of the directory partition, so I'm initializing my DirectoryEntry using the path:

string strUserDirPath = "LDAP://xxx.yyy.zzz/DC=xxx,DC=yyy,DC=zzz";

and then later I'm trying to set a filter that will give me only users in a specific OU.

The problem is, whenever I try to add the OU to the filter, it filters everything out. If I say:

srch.Filter = "(&(objectClass=user)(objectcategory=person))";

that gives me all users.

The full path to the OU I want is:

"OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=eee,DC=xxx,DC=yyy,DC=zzz"

I would like to sync only users that match this complete path.

I have tried adding several things to my filter to do this, but it always ends up filtering out ALL records. I have tried the following filters to no avail:

"(&(objectClass=user)(objectcategory=person)(OU=aaa))"
"(&(objectClass=user)(objectcategory=person)(OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=eee))"
"(&(objectClass=user)(objectcategory=person)(OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=eee,DC=xxx,DC=yyy,DC=zzz))"
"(&(objectClass=user)(objectcategory=person)(memberof=OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=eee,DC=xxx,DC=yyy,DC=zzz))"
"(&(objectClass=user)(objectcategory=person)(memberOf:1.2.840.113556.1.4.1941:=OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=eee,DC=xxx,DC=yyy,DC=zzz))"

I feel like I'm probably missing something very obvious, but can't quite get it.

Can anyone offer any solutions? As a last resort, I'm thinking of just getting all users, and then programmatically filtering out the ones I don’t need. Seems clunky, but if it's what I gotta do, I will.

Trying to use DirSync on a specific OU in Active Directory

Answers (1)

Related Questions