ADSIReader - Integration for a single organizational unit (OU)

SHOW ALL CONTENT

Table of contents

Introduction

By default, Active Directory integration imports all data from the entire Active Directory tree. It is also possible to specify from which OU the import can be done. This way, the program will only read the OU and its tree below.

We assign the OU using the parameter /Domain: with the program ESI.Octopus.ADSIReaderapp.exe. Rather than entering the name of your AD, you will instead enter an LDAP expression as a value to the parameter, which will assign the desired OU.

LDAP Expressions

  • The LDAP expressions are very complex, here is an example:
OU=USERS,OU=TORONTO,DC=MyCompany,DC=com
  • Therefore we can use ESI.Octopus.ADSIReaderapp.exe with the parameter 
/Domain:OU=USERS,OU=TORONTO,DC=MyCompany,DC=com
  • ATTENTION: if the name of your  OU contains a space, you must put quotation marks
/Domain:OU=USERS,OU="TORONTO OFFICE",DC=MyCompany,DC=com

The expression in the above example represents the OU "Users", which is under the OU "Toronto", which is part of the domain MyCompany.com. However, in an AD tree, there aren't only "OUs", there are also "Containers". Therefore the syntax quickly becomes difficult to write.

There is a trick for avoiding errors with the LDAP expression. An Octopus feature exists which allows you to select an OU with a tool that presents the tree visually. This feature can be used to search for the correct LDAP expression.

Here is how: 

  1. Go to Tool > Reference data management

  2. Open the General node

  3. Open the Sites node

  4. Select a site

  5. Click on the network icon to the right of the large text area

  6. Select an OU

  7. Click OK

  8. Copy the LDAP expression to the clipboard from the text area

  9. Close the Reference data management without saving the change.

In the clipboard, you now have the expression to add to the parameter for ESI.Octopus.ADSIReaderapp.exe

Importing several OUs but not the root

If you want to import several OUs which are not one above the other, you need to execute (or automate the execution of) ESI.Octopus.ADSIReaderapp.exe several times. It needs to be executed once for every OU root needing to be imported.

X
Help us improve our articles