Wasfi,
You have found an area that is very picky in the application.
My recommendation is to NOT use this part of the application and integrate it with AD as much as possible. Unless you really like it.
If you do want to use it there are a few things you will need to learn.
1. Make sure to import ONLY what you want, so the import filter will need to be tested, before you actually do the import.
I am including a file with some Filtering examples. You should use these examples with an AD or LDAP tool to test.
- Only People or User accounts.
- (&(objectCategory=person)(objectClass=user)(sAMAccountName=*)(givenName=*)(sn=*)(mail=*))
- Type of Accounts
- (&(sAMAccountType=805306368)(sAMAccountName=*)(givenName=*)(sn=*)(mail=*))(sAMAccountType=805306368) = User Object.
- Only in specific groups.
- (&(OU=StdUsers)(OU=UsersAndGroups)(OU=Accounts)(objectCategory=person)(objectClass=user)(sAMAccountName=*)(givenName=*)(sn=*)(mail=*))
2. I am also including a SQL script that is to clear out what you have imported. This is pretty old and may not be correct with the current version. (Empty_user_list). USE THIS AT YOUR OWN RISK.
You can request this script from support as well, they should be able to verify it as well. ( I got this from Support in 2018)