0 votes

Team,

I am trying to build a web portal to use as a company directory, the problem is that when a search is conducted it shows every account in the forest. I want to limit the search to particular OU's with the user accounts in it, without displaying any service accounts or accounts like that. Is this possible?

Thanks again!

by (320 points)

1 Answer

0 votes
by (216k points)

Update 2018

Starting with Adaxes 2018.1, you can control the objects displayed in a Web interface (e.g. by setting a top level node). For details, have a look at the following tutorial: https://www.adaxes.com/tutorials_WebInterfaceCustomization_PreventUsersFromViewingTheADStructure.htm.

Original

Hello,

Currently, you cannot limit the Web Interface search, but there is a workaround. Instead of allowing your users to search in the Web interface, you can use the View Object Home Page Action configured to display only objects that match a certain LDAP filter. Also, you can set up a Scheduled Task that will set a certain property of those accounts that should not be visible in the Web Interface to a certain predefined value. For example, if you have Exchange installed, you can use Extension Attribute 1 provided by Exchange and set it to invisible. Then, in the settings of the Home Page Action you can specify a LDAP filter that will match all users whose Extension Attribute 1 is not set to invisible.

For information on how to create the necessary Home Page Action, see section View Object in the Configure Home Page Actions Tutorial. Use it as a guide.

  1. To configure the Home Page Action to allow viewing users, on Step 1 of the section, select View and User from the associated drop-down list.

  2. On Step 3 of the section, select the Allow selecting only AD objects that match the specified LDAP filter option and specify a LDAP filter that will be used to return only actual users. For example, to return only users whose Extension Attribute 1 is not set to invisible, specify the following filter:

     (!(extensionAttribute1=invisible))
    

To create a Scheduled Task that will set the property you chose to the necessary value:

  1. Create a new Scheduled Task.
  2. On the 3rd step of the Create Scheduled Task wizard, select the User object type.
  3. On the 4th step, add the Update the user action and click Add.
  4. In the Property to modify field, select the property that you need, for example, Extension Attribute 1.
  5. In the New value field, specify the predefined value that you want to use, for example, invisible.
  6. Click OK.
  7. On the 5th step, adjust the Activity Scope of the Scheduled Task so that it includes only OUs where service accounts and the like are located.

Related questions

0 votes
0 answers

Right now, I have my Help Desk limited to the Employee OU for Password Resets, Unlocking, and Updating user information. And I have also limited then to seeing nothing ... to keep those users outside the Employee OU from showing up in Searches and Reports?

asked Sep 12, 2016 by rurbaniak (1.4k points)
0 votes
0 answers

I'm brand new to this product and am still learning, I apologize for what are presumably bonehead questions. Here goes: 1) We've got a Create Contact action set up ... the custom form Exchange-enables the group? Thanks for the information, A brand new user.

asked Oct 4, 2016 by ctdhelpdesk (190 points)
0 votes
1 answer

We have four OUs in Active Directory (Pending Deletion, Disabled with Mail Delegates, Disabled with HR Extensions and Disabled_Temp_Leave) that users are moved to prior to their eventual ... past 7 days have been moved to one of 4 of these OUs. Thanks!

asked Jun 3, 2021 by RayBilyk (230 points)
0 votes
1 answer

I've read this article; https://www.adaxes.com/tutorials_WebInterfaceCustomization_CustomizeHelpAndSupportLinks.htm?appView=1 However, it doesn't tell me how to add or remove columns from ... by the Quick Search. I'd like to add EmployeeId. thanks, Nate

asked Apr 10, 2022 by nate2 (90 points)
0 votes
1 answer

We have a custom website for our basic people search web page to lookup users in AD as a people directory. Everything works great except for the search allows users to search AD ... Page but we wanted to do the same in the search. Any ideas Thanks, Rodney

asked Jul 3, 2013 by rjthompson (80 points)
3,326 questions
3,026 answers
7,727 comments
544,684 users