Thanks @PaulHomes. I'm Importing the AD directory users using Importad.sas sample. But I want to import only SAS users. We have a "SAS_Users" AD group which has nested SAS groups how can I import users from "SAS_Users" group?

Using the Metacoda Identity Sync plug-in you would just configure it to target the SAS_Users AD group and then it would follow the members of that group, both users and and further nested groups and their members.

To do this with the importad.sas code you would need to customize it so that, instead of getting all users and groups under the specified OUs, you query the single SAS_Users AD group to find its members (as a lookup table) and then fetch the details for just those member users (and possibly member groups if you need nested groups too). 

Hello @vkrishna,

I love the tool that @PaulHomes  mentioned, I think it reduces maintenance costs (not everyone is capable of maintaining the importad sync script, and less if there are customisation), also with that tool you can hand over the user sync and comparisons to the relavant IT team, whom understand better how AD works.

However, if you would like to continue working with the script:

I think, since the input  for the script is an OU or a set of OUs, your best choice is to include that group within the a single Organisational Unit (OU) in the AD, and only that group. The script should be able to take that group and all the groups and users within that group.