This setting defines the search query scope. To improve query performance, limit the scope to a specific OU.

IMPORTANT: To test the rule configuration, limit the rule scope to an OU that contains test accounts or objects and use the Preview feature.

Query criteria are sent with the query and may improve query performance.

TIP: For additional information on the criteria builder, see the How to use Query Builder dialog for Query Criteria and Filter rule settings.

Set the filtering conditions to hide unwanted data based on criteria not supported in the Query criteria setting.

Example: filter by the found object Distinguished Name.

TIP: For optimal performance, use the Query criteria setting above to filter objects whenever possible.

Each object property defined in this setting matches the column that will be displayed in the Web Portal for this web query.

To display additional columns, add the required properties to the Properties to display list.

To add extension attribute 1 that is synchronized from AD, you need to use a value like:

"OnPremisesExtensionAttributes/extensionAttribute1~Extension Attribute 1"

Specify the maximum number of groups to suspend in the selected scope.

List of properties required for this rule to be executed correctly.

Set the filtering conditions to only return objects or data that need to be processed by the rule.

This filter overrides the Query criteria setting.

Sort result object list.

Specify the text file to be imported.

The […] (three dots) button allows the user to browse for the file and the Create/Edit button allows the creation or editing of the existing file in the built-in Data Source editor.

Specify the separator used in the source CSV file.

Select a column in the data source that contains the attribute value for identifying and mapping a computer.

Specify group category.

Specify group scope.

Specify the first letters or symbols of group Name or DisplayName.

Filtering by the number of members requires loading per-group user properties and will decrease rule performance if used.

Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule.

Due to the PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria.

IMPORTANT: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.

Example: Update AD users, created in the last ten days.

1. Add this initialization script

   Copy

   {$global:DatePeriod = (Get-Date).AddDays(-10)}

2. Use the $DatePeriod variable in the query criteria builder: