By default, Active Directory integration imports all data from the entire Active Directory tree. It is also possible to specify to which OU the import can be done. This way, the program will read that OU and the tree below that OU.
We assign the OU with the parameter /Domain: in the program ESI.Octopus.ADSIReaderapp.exe. Rather than entering the name of your AD, instead you will enter an LDAP expression as a parameter which will assign the OU.
The LDAP expressions are very complex, here is an example:
OU=USERS,OU=TORONTO,DC=MyCompany,DC=com
Therefore we can open ESI.Octopus.ADSIReaderapp.exe via
/Domain:OU=USERS,OU=TORONTO,DC=MyCompany,DC=com
EditLDAP Expression
The expression in the above example represents the OU "Users", which is which is under the OU "Toronto" which is part of the domain MyCompany.com.
However, in an AD tree, there aren't only "OUs", there are also "Containers". Therefore the syntax quickly becomes difficult to write.
There is a trick for avoiding errors with the LDAP expression. There is an Octopus feature which allows you to select an OU with a tool that presents the tree visually. This feature can be used to search for the correct LDAP expression.
Here is how:
- Go to "Tool > Reference data management"
- Open the "General" node
- Open the "Sites" node
- Select a site
- Click on the network icon to the right of the large text area
- Select an OU
- Click OK
- Copy the LDAP expression to the clipboard from the text area
- Close the Reference data management without saving the change.
In the clipboard, you now have the expression to add to the parameters for ESI.Octopus.ADSIReaderapp.exe
Edit Importing several OUs but not the root
If you want to import several OUs which are not one above the other, you need to execute (or automate the exectuion of) ESI.Octopus.ADSIReaderapp.exe several times. It needs to be executed once for every OU root to be imported.