How do I Sync just part of the LDAP source directory?

Created: 2012-04-20 08:09:59
Modified: 2024-02-29 11:42:25
Tags: Exclusions Features UnitySync

There are many ways to narrow your Source data selection either for testing or as an ongoing part of your Sync.

You can specify one specific object, identify one or more separate OU’s, designate where in the directory tree you want to start pulling data, or you can exclude specific parts of the directory. These options are useful during initial testing when you want to sync only a small subset, or in a Production sync to control exactly what containers to pull from the Source.

Important NOTE: Anytime you modify a connection that changes the source scope (source context, filters and/or excludes), you should always run a Discovery and SIMULATION prior to a sync. Confirm the SIM results do not show an unexpectedly high number of Adds or Deletes.

Optional - Source Context

On the Source tab, the Optional - Source Context parameter should be set with complete LDAP syntax to identify the Source container(s) to discover.

For example, to read objects from a single OU (and its child OU’s):

ou=Container Name,dc=domain,dc=com

You may specify multiple containers by separating them with a pipe | symbol:

ou=Container Name,dc=domain,dc=com|ou=Another Container,dc=domain,dc=com

Optional - Source Query Filter

Also on the Source tab, the Optional Query Filters may be defined to filter in (or out) source objects based on source attribute values.

Simple Example: Using the following filter will only discover source objects if the ‘mail’ attribute ends with @Mydomain.com.

(mail=*@Mydomain.com)

See Optional LDAP and o365 Source Query Filters for more detailed query filter syntax information.

Exclude

You may exclude specific objects based on several parameters. For instance, if you want to sync an entire directory except for a single OU, you can utilize an Exclude rule to easily remove that OU from the scope of the Source Discovery.

Exclude rules are entered on the Custom tab via the Exclude button. Some example rules are to exclude:

  • By OU
    dn:ou=ExcludeThisContainer

  • A specific single object
    dn:cn=John Smith,ou=Recipients,dc=domain,dc=com

  • All email addresses with a specific domain
    mail:ExcludeThisDomain.com

  • All objects with a specific value in a specific attribute
    extensionattribute10=SpecificValueToExclude

Please see the Administrator’s Guide Appendix for more information on Exclusions.

Testing with a Single Object

If you only want to Sync a single user for testing purposes, please see these instructions.

Of course, if you would like assistance with any of these options, contact Technical Support.

Share this article:
Knowledgebase

Directory
  1. Directify - Self Service

  2. Mimic - Replication

  3. UnitySync - Sync
Password
  1. emPass - Sync
Obsolete
  1. Profiler
  2. SimpleSync