This content has been marked as final. Show 2 replies
I also work at an NHS trust and we have recently had Safeboot setup by a supplier. Here are the settings we use which works fine even with the distribution list OU.
Atrribute Type List
objectGUID (binary string)
Attributes to substring check
there are NO search groups setup.
We then have our Safeboot group to match AD groups, so that any members of the AD group will get put into the safeboot group, then if not in any of those groups they get ignored.
Many thanks for the response on this. Although it asn't directly resolved the issue, it has opened up other avenues that did not previously exist. I have been looking into configuring an object filter from within the search settings tab that will search for object class=user in the numerous child OU's below the parent but will skip searching within the problematic "Distribution List" OU. If anyone has any knowledge/experience with configuring such an LDAP query, again, this would prove extremely helpful.
To summarise, I need to look for user objects in the child OU's below the main parent OU but ask the connector to disregard the Distribution Lists OU.
Regards, and thanks again.