We are currently re-organising our user structure within Encryption Manager, and in conjunction with this, need to setup a new (or modify existing) AD connector in Connector Manager.
Currently users are all put into a single Active Directory group, however for the new structure, the users will be in one of 5 separate groups, the idea being the AD connector uses that group to determine which Users group they go into in Encryption Manager.
As per recommendations from McAfee for speeding up the AD Connector, the "object filter" on the pre-existing connector is setup to look at the group as follows:
(& (objectClass=organizationalPerson) (memberOf=CN=GROUPNAME,OU=User Groups,OU=Applications,OU=Controls,DC=madeupdomain,DC=co,DC=uk))
I've created 5 new AD groups, Group1 to Group5.
If i make Group1 a member of "GROUPNAME", it doesn't find any users that are in "Group1"
If i change the query so that instead of "GROUPNAME" it checks "Group1" it finds those users and puts them into group1 within encryption manager (assuming they don't already exist within the database).
What i would like is a query that gets it to check all 5 groups in one string, so that I don't need to create 5 separate connectors within Connector Manager.
Are there any recommendations/suggestions on how best to do this ? I'm not too good on LDAP queries, so if someone can suggest the correct syntax it would be much appreciated.