Table of contents
By default, Active Directory integration imports all data from the entire Active Directory tree. It is also possible to specify from which OU the import can be done. This way, the program will only read the OU and its tree below.
We assign the OU using the parameter /Domain: with the program ESI.Octopus.ADSIReaderapp.exe. Rather than entering the name of your AD, you will instead enter an LDAP expression as a value to the parameter, which will assign the desired OU.
- The LDAP expressions are very complex, here is an example:
- Therefore we can use ESI.Octopus.ADSIReaderapp.exe with the parameter
- ATTENTION: if the name of your OU contains a space, you must put quotation marks
The expression in the above example represents the OU "Users", which is under the OU "Toronto", which is part of the domain MyCompany.com. However, in an AD tree, there aren't only "OUs", there are also "Containers". Therefore the syntax quickly becomes difficult to write.
There is a trick for avoiding errors with the LDAP expression. An Octopus feature exists which allows you to select an OU with a tool that presents the tree visually. This feature can be used to search for the correct LDAP expression.
Here is how:
Go to Tool > Reference data management
Open the General node
Open the Sites node
Select a site
Click on the network icon to the right of the large text area
Select an OU
Copy the LDAP expression to the clipboard from the text area
Close the Reference data management without saving the change.
In the clipboard, you now have the expression to add to the parameter for ESI.Octopus.ADSIReaderapp.exe
Importing several OUs but not the root
If you want to import several OUs which are not one above the other, you need to execute (or automate the execution of) ESI.Octopus.ADSIReaderapp.exe several times. It needs to be executed once for every OU root needing to be imported.
Thank you, your message has been sent.