Support - LDAP / Easy way to reference all users?

I’m wondering if there is any work around to get a listing of all users minus an exclusion list in AD to target for group designations for awareness training. We were able to get a listing of all users using (primaryGroupID=513) and was even able to get a user list based on that minus our exclusion list. The problem comes back to testing an individual user where it states “Using your LDAP Auth connector we pulled the list of groups for this user and could not find the groups you selected for this awareness program. Check your LDAP connectors and try again.”

I would assume that it is cross referencing the user i’ve selected in the test, getting the memberOf attribute and comparing against what I’ve selected as a target group in the awareness program? In my test i’m selecting a garbage group as the member of query is hardcoded to give me the right user list all the time, BUT technically the user isn’t a member of any group.

I know this topic can get pretty complex… in short i’m wondering if there is any easy way to cross ref all domain users minus and exclusion list without having to assign a group designation for every…single…user…


Hi john,

We added checks before you can create an awareness trainings because many times LDAP settings differ and that creates a bit of chaos.

That guide explains exactly what is the error most people will get when using inconsistent LDAP settings.

You can do this with LDAP “filters” (i personally think LDAP is old stuff so is hard to get complex queries working) or using the “ignored users” from the awareness program.

Check the post above, it has the cheatsheet i use when helping customers debug ldap trouble.

I hope any of this makes any sense and helps?