Understanding Active Directory Select Statements

Posted on 2004-11-25
Last Modified: 2008-05-30
I've got this query which selects data from a customers active directory, but its only returning certain top level information

Problem is, I don't really understand all about OU=, DN= etc etc

The customers directory shows like this in windows explorer

Active Directory Users and Computers

The query which is

   Select PersonalTitle, Displayname, UserPrincipalName, sAMAccountName, ADsPat FROM 'LDAP://'

I am running this from VB Script. Its bringing back users I don't want and lots of other info, but apart from that and its working fine,

1. how can I change the bit in quotes to only return USERS from LEVEL2A ?
2. Any more information on what OU=, o=, c=, cn= etc means would be great.
3. Any ideas on how I can find out what fields names are available in the select statement (I get the feeling they vary by installation ??)

Question by:plq
    LVL 9

    Expert Comment

    Hey Paul,
    I don't use VB (don't get me started ;-) ). Anyways, I'm pretty sure that you're get a much better, quicker response if you ask this Q in the VB section: should redirect you to the right place :-)

    good luck with it - and soz I can't help further.
    LVL 5

    Accepted Solution


    Hi paul

    You need to include


    Hope this helps let me know how you get on

    LVL 8

    Author Comment

    Bang on. Thanks.

    Any ideas on the point 3 above ? How to query the AD for field names ? If they're fixed I just need a list, if they're not fixed I just need to know how to query the AD and I don't mind if its a manual task or programming task
    LVL 20

    Expert Comment

    Some pretty general links, but if you have some scripting experience then these are worth a look, as they'll give you some insight into querying AD,
    How Active Directory Searches Work
    The Script Repository (MS)
    The Script Center Script Repository
    Script Repository: Active Directory User Accounts

    Deb :))
    LVL 5

    Assisted Solution

    These are called user object attributes and are fixed within a standard AD schema.

    there are

    User naming attributes
    user security attributes
    user address attributes

    See link for details
    LVL 8

    Author Comment

    Big thanks to everyone for helping. Points to terry for answering completely, but thanks also to debsyl99 for the useful additional links which hopefully make this thread more useful to future readers.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
    In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now