LDAP User Sync by Organizational Unit or Group

  • Version of Rocket.Chat Server: 3.0.3
  • Operating System: Ubuntu Linux 4.15.0-91-generic
  • Deployment Method: DigitalOcean 1-click Rocket.Chat install then manual upgrade to v3
  • Number of Running Instances: 1
  • DB Replicaset Oplog:
  • NodeJS Version: v12.16.1
  • MongoDB Version: 4.0.3

I have the chat running, but I’m trying to sync my Active Directory users that are only in specific sub-Organizational Units, as highlighted in yellow here:


But using the following BaseDN settings, nothing syncs:

ou=Cali Users+ou=CN Users,DC=AutomannInc,DC=local

If I remove everything other than DC=AutomannInc,DC=local, then absolutely everything syncs. But I don’t want all the computer and device names etc. What would work for me is the lower OU’s. Is there a way to specify that?

If no, every member that are in the sub-OU’s (I’m not sure what the technical term is), is also in a Domain “Security Group” called APPACCESS

Is there an alternative way to specify to only sync LDAP users that are part of an Active Directory Security Group?

Thanks so much.