Selective synchronization of users according to groups (LDAP-AD)

Question asked by fux on Nov 9, 2016
Hi all!

I'm greenhorn in the Alfresco. At the moment I am trying to resolve connection to AD, but for some reason I have not succeeded with the synchronization.
Groups is synchronized correctly, users is associated into a correct groups, but during synchronization is created a lot of other accounts (all users which is registered in this domain).


I have approximately similar structure in Active Directory:





              .... and more other groups, which can be changed in future ...







Adam is member of:  cn=users,ou=Company,dn=domain,dn=tld


John is member of:  cn=users,ou=Company,dn=domain,dn=tld


Betty is member of: cn=users,ou=Company,dn=domain,dn=tld


My group search filter is



I would like to synchronize (and automatically add) only this users, which is member of whichever group in branch Others->Alfresco->...

(Adam and Jon, but NOT Betty)


How I can do it?

How i can synchronize only users from groups under OU Alfresco?

expression (memberOf=*OU\=Alfresco,OU\=others,DC\=domain,DC\=tld) not works, because wildcard * can't be used for attribute memberOf.


Thank You for Your time