m0tek
asked on
ldap query to see which OU the user is in
Hi !
im currently auditing "user set to never expire" on my active directory users.
the notification is created once an event 624 is created on the dc with the never expire audit.
if this happens on a "generic" user (on our corperation) - it is fine.
a generic user is created in a certain OU.
since event 624 does not log the OU , i want to trigger an ldap query once a "user set to never expire trigger" occures .
how is it possible to do such thing (on a command line command) , and get a log back (so i can parse it back to the system and check if the user is in that certain OU or not..)
thanks
im currently auditing "user set to never expire" on my active directory users.
the notification is created once an event 624 is created on the dc with the never expire audit.
if this happens on a "generic" user (on our corperation) - it is fine.
a generic user is created in a certain OU.
since event 624 does not log the OU , i want to trigger an ldap query once a "user set to never expire trigger" occures .
how is it possible to do such thing (on a command line command) , and get a log back (so i can parse it back to the system and check if the user is in that certain OU or not..)
thanks
ASKER
i would like to run a script / command with a user (script.bat username) and the following will return in which OU'S does this user exist , i need it returned into a textfile which i can later on read (a security information event management system will read it)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Good stuff ^^
Thanks
query that will return all users ou with password never expire ?
vbscript solution will help you ?