Forum Discussion
NimbostratusAD query issue
Hi,
I am new to APM module.I have created the below AD query for one requirement.
Logon -> AD AUTH (Success) -> AD query[Failed]
CN="Global UR ENETAPPS QA IMDL", "Global UR ENETAPPS Monitoring", "Domain Users", "Global UR ENETAPPS QA" or "Global UR ENETAPPS KOREA",OU=Security,OU=IMDL Managed Groups,OU=Global,OU=Users & Workstations,DC=INTL,DC=NET
Am getting below error.
err apd[25202]: 01490086:3: f495308a: Rule evaluation failed with error: extra characters after close-quote.
Could you please tel me whether i made any mistake on this AD query.I couldnt able to identify the issue.
5 Replies
- Kevin_Stewart
Employee
What is the branch rule condition for your AD query? By default it's
Expression: User's Primary Group ID is 100which will most likely not be what you need.
I'm also thinking your LDAP searchFilter syntax is incorrect. There's no "or" option in an LDAP search.
https://technet.microsoft.com/en-us/library/Aa996205%28v=EXCHG.65%29.aspx
Stanislas_Piro2Cumulonimbus
What did you configure in "Search Filter" Field?
The default search filter is :
sAMAccountName=%{session.logon.last.username}
sanjai_126162(sAMAccountName=%{session.logon.last.username})is configured in the search filter
- Stanislas_Piro2
what is the expression of your branch?
which groups the user must belong to? when I read the string you post, I say the same as APM : "extra characters after close-quote"
If you want to evaluate 2 groups with a "or", the branch expression must be the following:
expr { [mcget {session.ad.last.attr.memberOf}] contains "cn=group2, ou=groups, dc=company, dc=local" || [mcget {session.ad.last.attr.memberOf}] contains "cn=group1, ou=groups, dc=company, dc=local" } - sanjai_126162
Thanks for your support.
I have created separate 5 branch rule for each group.now its working as expected.
