Add user profile search rule – Google Apps Directory Sync Administration Guide User Manual

Configuration

105

This page shows the list of search rules. In a new configuration, this will be an
empty list. To add a search rule, click the Add Search Rule button at the bottom
of the screen.

Note:

You cannot create an LDAP rule to exclude a specific OU in your LDAP

directory. Instead, limit the LDAP administrator authority on your LDAP directory
server, removing access to any OUs on your LDAP directory server that you do
not want to synchronize.

On the list of Search Rules, you can change existing rules:

•

Reorganize: Click the up arrow or down arrow icon to change the order of
search rules.

•

Edit: Click the notepad icon to edit the settings of a search rule.

•

Delete: Click the X icon to delete a search rule.

Search rules are processed in the order listed.

Add User Profile Search Rule

To add a new search rule, click Add User Profile Search Rule and specify the
fields in the dialog box. After specifying the fields, click Apply to submit your
changes, or Test LDAP Query to test the search rule. The fields are as follows:

LDAP User Profile Search Rule
Field

Description

Scope

This determines where in the LDAP directory
this rule applies.

Choose which option to use:

•

Subtree: All objects matched by the
search, and anything under those objects,
recursively. Subtree gives the broadest
search, but for very large organizations
this can be load-intensive and cause
system problems.

•

One-level: All objects matched by the
search, and anything one level underneath
them. Does not look further than one level.
One-level provides a limited search that
will avoid causing extreme load for very
large organizations.

•

Object: Only objects directly matched by
the search. No recursion of any
kind.Object is rarely used except with very
complex LDAP searches. It allows a
search only on the specified object.

Example: Subtree