Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

LDAP query help needed!

Status
Not open for further replies.
TheMisio

TheMisio

Technical User
Sep 26, 2005
229
BE
Fellow Techies,

Does anyone know why LDAP filters involving distinguishedName attribute don’t work?

I have several OUs containing sub OUs like APPS, USERS etc:

MYDOMAIN.COM

COMPANY1 (OU)
USERS (SUB OU)
APPS (SUB OU)
MACHINES (SUB OU)

COMPANY2 (OU)
USERS (SUB OU)
APPS (SUB OU)
MACHINES (SUB OU)

Etc.

I need to extract all user accounts from USERS sub OUs. So I create the following csvde query:

Csvde –f file.txt –r “(&(objectClass=user)(distinguishedName=*OU=USERS*))”

However, it doesn’t work. I tried many other combinations involving distinguishedName but it doesn’t like asterisk.
It works on other attributes though.

Any idea why?

Regards,

Michael.
 
Sort by date Sort by votes
Not an expert and brushing up on LDAP queries:

csvde -d "ou=USERS,ou=company1,dc=mydomain,dc=com" -r objectClass=user -l Distinguishname -f file.csv

See if the above is what you need.

________________________________________
Achieving a perception of high intelligence level can only be limited by your manipulation skills of the Google algorithm!
 
Upvote 0 Downvote
TechyMcSe2k,


Thank you for your reply.

However, this is not exactly what I meant. I know how to create the query to get users from OU=USERS,OU=COMPANY1,DC=MYDOMAIN,DC=COM.

I wanted to find out if I can search entire domain, but filter out only those users that belong to USERS sub OUs.

Regards,

Michael
 
Upvote 0 Downvote
To my knowledge, microsoft didn't build in ldap exclusion queries for OU names in multiple instances. I'll keep researching though.

________________________________________
Achieving a perception of high intelligence level can only be limited by your manipulation skills of the Google algorithm!
 
Upvote 0 Downvote
But I do notice an attribute called "name" which gives just the name of the OU. the Distinguishedname Attribute value is the full path to that OU. Try your Query with just "name" instead

________________________________________
Achieving a perception of high intelligence level can only be limited by your manipulation skills of the Google algorithm!
 
Upvote 0 Downvote
TechyMcSe2k,

Was affraid that might be the case.

Thanks for your input anyway.

Regards,

Michael
 
Upvote 0 Downvote
Csvde –r objectClass=user -l name=USERS –f file.txt

________________________________________
Achieving a perception of high intelligence level can only be limited by your manipulation skills of the Google algorithm!
 
Upvote 0 Downvote
TechyMcSe2k,

It must be your naming convention. I don't have an OU included in the name.

Regards,

Michael
 
Upvote 0 Downvote
nah, wont work. sorry about that.


________________________________________
Achieving a perception of high intelligence level can only be limited by your manipulation skills of the Google algorithm!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
478
gbaughma
gbaughma
on3mansh0w
  • Locked
  • Question
[HELP] AD GPO not applied unexpectedly
Replies
0
Views
199
on3mansh0w
on3mansh0w
Fireksf
  • Locked
  • Question
Avaya IPOCC not generate Report, Please any body if you a have any idea help me.
Replies
1
Views
177
MarkSweetland
MarkSweetland
1DMF
  • Locked
  • Question
IE Truncating Query String
Replies
1
Views
118
1DMF
1DMF
suncit
  • Locked
  • Question
AD Corruption? Thanks for your help.
Replies
1
Views
105
markdmac
markdmac

Part and Inventory Search

Sponsor

Back
Top