This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD Sync filter groups?

This entry was recently added to the 'What's new' page (http://downloads.sophos.com/readmes/cloud/scloud_readme_eng.html):

AD Sync can now filter groups

AD Sync now lets you filter the groups it imports, so that you no longer have to import every group your users belong to. This is in addition to the user filtering we already offer.

Has anyone had any success using it?

This thread was automatically locked due to age.

0 RIMAdministrator over 8 years ago

I am definitely no expert at using the AD Sync v2 (learning as I go). But within a few minutes I got it working. Thank goodness for the "preview" button, as I could see that I would be importing unwanted users. Didn't want to restructure my AD OUs, so decided to use AD security groups and therefore control who would get which Sophos Cloud policy by importing AD groups. Don't use LDAP queries too often, so took a while to figure out syntax to filter multiple groups ("groupA" or "groupB" and so on). Just in case you need: (|(CN=groupA)(CN=groupB)) for group discovery filters and (|(memberof=CN=groupA,OU=Security Groups,DC=domain,DC=local)(memberof=CN=groupB,OU=Security Groups,DC=domain,DC=local)) for user discovery filters. I was aware of the parentheses syntax, but did not know to use the "pipe" | to mean "or" instead of & to obviously mean "and".
Cancel
Vote Up 0 Vote Down

Cancel