ncoker Hi we and our customers working with the Microsoft blueprint to separate resource and Users. So we have multiple domains in a forest (two-way trust and child). To import now the users we have to connect against the Global Catalog on port 3268 and it requires a NULL Base DN as descript here: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc978012(v=technet.10)?redirectedfrom=MSDN . Problem is that the UI and the config file requires a LDAP Base DN which is not empty ! Any suggestion how to configure that! example.net asia.example.net europe.example.net Note 1: yes we know that in GC not all attributes are replicated by default, but missing once can be enabled ! Note 2: all users in all domains use the dns suffix example.net from the root domin !
mwilliams Have you tried to search on GC port with the root domain as Base DN? In your case: DC=EXAMPLE,DC=NET
ncoker mwilliams Yes i did and it only pick up the users from root domain - no user from the other 2 domains ! if i search manually with ldapsearch with no basedn it works fine !
mwilliams ncoker We were able to reprocude your case - A first version to support cross-forest is underway, expect it to land latest within the next release, due next week.
