2

I have had our instance of Atlassian Confluence configured to be integrated with our Active Directory.

In AD, all the users were being created under default Users folder in Active Directory Users and Computers.

We have decided to introduce cleaner separation and have created an Organizational Units structure in AD. Under root we have created Managed OU, and under it - Users OU and all user accounts were moved under Users OU.

Now I though that to let the Confluence AD integration engine "know" where to look for user accounts now, I only need to adjust the BaseDN and prepand it with ou=Managed so it is aware that it is looking for cn=Users but under ou=Managed. That didn't work.

How should I adjust LDAP schema root in a client application for it to be able to look for users in OU that then in a default folder.

Maxim V. Pavlov
  • 663
  • 3
  • 11
  • 29
  • 3
    Probably because the users are no longer in the Users Well Known Container but are in a new OU named Users, so it's not CN=Users, its OU=Users – joeqwerty Oct 08 '13 at 14:32

1 Answers1

4

CN denotes a common name and is used to denote well-known AD containers such as Users, Computers, System, etc. When create your own Users OU, you've done just that, create an OU, so you no longer use the CN= syntax, you use the OU= syntax for that part of the path. In the example you've provided, if you're just specifying a path to the objects, you wouldn't have a CN= anywhere.

If your AD domain was named ad.example.com, you would use this path based on the details you've provided:

OU=Users,OU=Managed,DC=ad,DC=example,dc=com
MDMarra
  • 100,734
  • 32
  • 197
  • 329