Include by Query for Multiple OUs with Common Name Within a Specific OU Structure

Hello -

I'm trying to create Include by Query membership for a new Managed Unit to include multiple OUs with the same name.

My problem is that I would like to have the query return those OUs within a given OU structure rather than the entire domain.  I've tried filtering by distinguishedName, which returns nothing and my attempts to use a custom LDAP query to filter for both the OU name I want and include the name of the OU structure have also failed.

So if I have:









How can I return just the ReturnThisOU OUs in OU2 and filter out ReturnThisOU in OU1?

Any suggestions would be appreciated.

  • Hi Rob

    In the use case you mention, I'd either have 

    a) A filter which is based upon two attribute, the name and some other attribute (like description), where the LDAP query would be along the lines of (&(cn=ReturnThisOU)(Description=Include))


    b) A filter based upon a single attribute, where the LDAP query would be (description=ReturnThisOU)

    The other option might be to have an include by query and an exclude by query membership rules within the managed unit, IE

    Include By Query:

        * Find all OU that contain "ReturnThisOU" within some search root

    Exclude By Query

        * Find all OU that are within some search root you don't want to include.

    Hope this helps

    Kind regards