Hi ,

I am trying to integrate LDAP in ARIS 9 and I am able to make a connection between ARIS and LDAP system.

Regarding the user group details,I have given the below details in the UMC Configuration


User Search Path: OU=Hosting,dc=dir,dc=example,dc=com

User search filter : (&(sAMAccountName=*))(&(objectclass=group)(memberOf=CN=<Usergroup>,OU=Admin,OU=Hosting,DC=dir,DC=example,DC=com))

I have activated the LDAP also.

But when tried to import the users I'm getting the message as Zero users imported. I have checked the user group and it contains 3 users.

I have also tried to run the LDAP batch file(y-ldapsync.bat) which is available in 
D:\softwareAG\ARIS9.8\server\bin\work\work_umcadmin_m\tools\bin using command prompt I get the same message.

Below is the command used to import the users,

y-ldapsync.bat -s -t default importUsers -u system -p manager -f (cn=userID)

Can anyone please tell me if I have missed out anything and why I'm getting zero users while importing.


Thanks and Regards,

Chethan Rao.

by Martin Schröder
Badge for 'Contributor' achievement
Posted on Fri, 12/09/2016 - 13:25

Hello Chetan,

apart from one too many parenthese

 (&(sAMAccountName=*) ) (&(objectclass=group)(memberOf=CN=<Usergroup>,OU=Admin,OU=Hosting,DC=dir,DC=example,DC=com))

your User search filter should only specify the memberOf attribute, not the (objectclass=group) term: 


i.e. take any Account Name that is member of <Usergroup>...

re y-ldapsync.bat

parameter -f should be the same User search filter, but I do not know if special characters must be masked like "\=" as you can see in the file exported from UMC.

-f (cn=userID) looks like the example from the Admin Guide, but there userID is a placeholder for a real Account Name in your directory service

the 2nd Admin Guide syntax example states "...-f (cn=*)" in order to import all users from a LDAP directory.

Hope this helps, Martin

Posted on Mon, 12/19/2016 - 14:01

In reply to by smarty

Hi Martin ,

Thanks for the solution, I have tried the User search filter suggested by you but still the result is the same(0 users were imported).

In addition I tried to find all the users irrespective of groups, by just giving the user search path without the group filter and I was able to see all the users. It is something in the search filter which is not correct.



Chethan Rao.

by Dilcarina Duarte
Posted on Thu, 05/25/2017 - 12:39

In reply to by Chethan Rao U


Could you please share your filter? We have the same problem and we cant find the solution.

When we try to run the default filter (&(sAMAccountName=*)) on AD machine we are able to see the users but when we try the same filter on umc (import LDAP) we are not.


Dilcarina Duarte


Featured achievement

You blog more than you breathe, and your articles stand out: Create 20 more articles, receive very good feedback and stimulate conversations
Recent Unlocks


Weekly | All-time
icon-arrow-down icon-arrow-cerulean-left icon-arrow-cerulean-right icon-arrow-down icon-arrow-left icon-arrow-right icon-arrow icon-back icon-close icon-comments icon-correct-answer icon-tick icon-download icon-facebook icon-flag icon-google-plus icon-hamburger icon-in icon-info icon-instagram icon-login-true icon-login icon-mail-notification icon-mail icon-mortarboard icon-newsletter icon-notification icon-pinterest icon-plus icon-rss icon-search icon-share icon-shield icon-snapchat icon-star icon-tutorials icon-twitter icon-universities icon-videos icon-views icon-whatsapp icon-xing icon-youtube icon-jobs icon-heart icon-heart2 aris-express bpm-glossary help-intro help-design Process_Mining_Icon help-publishing help-administration help-dashboarding help-archive help-risk icon-knowledge icon-question icon-events icon-message icon-more icon-pencil forum-icon