Thursday, May 12, 2022

[389-users] Re: Absolute True and False Filters

On 5/12/22 3:13 PM, Mike Mercier wrote:

I am attempting to use the Microsoft ECMA Connector (Azure AD Connect) to synchronize user information from Azure AD to 389DS.  Microsoft does claim 389DS is supported, see:

While configuring the ECMA connector wizard, the 'Global' page displays the following message:

Mandatory Features Not Found:
[] True/False Filters


My understanding of [1], is that it is quite common that LDAP server does not report this feature and you are right 389ds does not report it.
It is mentioned that "If you can import more than one object type, then your LDAP server supports this feature.". Object Type is looking to be the objectclass attribute of an ldap entry. 389ds supports entries with multiple objectclass values, so even if it is not listed it looks to me it supports that feature.



I believe the below command displays what is supported?
[root@localhost ~]# ldapsearch -H ldap://localhost -x -s base -b "" +

I do not see the specific OID from above listed in the output.  Is the feature supported by 389DS?  Is there a plugin available that will add support?

Anyone have any experience trying to sync information between 389DS and Azure AD?


_______________________________________________  389-users mailing list --  To unsubscribe send an email to  Fedora Code of Conduct:  List Guidelines:  List Archives:  Do not reply to spam on the list, report it:  

No comments:

Post a Comment