Active Directory Powershell runs without error. No Users imported.
Output from execution:
Starting AD OU Sync...
Ping API...
Request [GET] /api/v1/ping
200 OK
Ping: Token is valid
Reading AD OU members
Get all users...
Request [GET] /api/v1/users?full_list=true
200 OK
Request ok!
AD OU Sync finished.
I have set the $dn, $syncGroupCN, $syncGroupOU to what I think they should be.
I have placed Write-Host commands to dump the users, but there are never any found.
What is the format for the $syncGroupCN and $syncGroupOU other than the names of the group and OU?
If the OU is a few levels down, does it find that without me having to put the full path into the variable?
Is there a good troubleshooting version of the powershell script for this?
Thanks!!
Best Answer
-
The instructions are not comlete. The full path of the OU needs to be specified in the SyncGroupOU variable. Leaving out the first "ou=", the remainder of the path to the OU where the Active Directory users are located needs to be specified in that variable.
e.g:
You group is called TeamViewerGroup (this is the Common Name or cn= part). This needs to be assigned to the variable $syncGroupCN
e.g:
$syncGroupCN="TeamViewerGroup"
Your path to the group is:
mydomain.local/SecurityGroups/Admin/Remote/Teamviewer/TeamViewerGroup
The other variables are then:
$dn="dc=mydomain,dc=local"
$syncGroupOU="TeamViewer,ou=Remote,ou=Admin,ou=SecurityGroups"
Why?
The first "ou" is provided in the procedure call below the variable assignment in the ADSync.ps1 script.
Only put the Domain Information in the $dn variable
Only put the common name of the group in the $syncGroupCN
The only variable that will look strange is the $syncGroupOU if you have it buried somewhere down in your AD structure.
Thanks
Glen
5
Answers
-
The instructions are not comlete. The full path of the OU needs to be specified in the SyncGroupOU variable. Leaving out the first "ou=", the remainder of the path to the OU where the Active Directory users are located needs to be specified in that variable.
e.g:
You group is called TeamViewerGroup (this is the Common Name or cn= part). This needs to be assigned to the variable $syncGroupCN
e.g:
$syncGroupCN="TeamViewerGroup"
Your path to the group is:
mydomain.local/SecurityGroups/Admin/Remote/Teamviewer/TeamViewerGroup
The other variables are then:
$dn="dc=mydomain,dc=local"
$syncGroupOU="TeamViewer,ou=Remote,ou=Admin,ou=SecurityGroups"
Why?
The first "ou" is provided in the procedure call below the variable assignment in the ADSync.ps1 script.
Only put the Domain Information in the $dn variable
Only put the common name of the group in the $syncGroupCN
The only variable that will look strange is the $syncGroupOU if you have it buried somewhere down in your AD structure.
Thanks
Glen
5
