Help combining two LDAP queries

So I am trying to find all of the distribution groups that are in my AD environment that allow unauthenticated users to send to them.

In another question I was directed to the following LDAP query
(&(objectClass=group)(!msExchRequireAuthToSendTo=TRUE))
This query will return all distribution groups that dont require authentication.

This seems to work OK except it returns extra results. I am only interested in email enable distribution groups. I was able to come up with a query to find these.
(&(&(& (mailnickname=*) (| (objectCategory=group) ))))

What I would like to know is how can I combine these two queries so that they will only return mail enabled groups that dont require authentication?
LVL 35
Joseph DalyAsked:
Who is Participating?
 
Mike KlineCommented:
I don't have exchange in the lab at home (will install it soon) so I haven't fully tested
 I like adfind http://www.joeware.net/freetools/tools/adfind/index.htm
 
Try
adfind -default  -f "&(objectcategory=group)(legacyexchangedn=*)(!msExchRequireAuthToSendTo=TRUE)" name
Let me know if that works
Thanks
Mike
0
 
Joseph DalyAuthor Commented:
Well you know something I didnt use ADfind but your example did point me in the right direction.

I was able to test this using find, custom search in ADUC. Modified your syntax a little bit to below

(objectcategory=group)(!msExchRequireAuthToSendTo=TRUE)(mailnickname=*)

And it in fact does return a list of distribution groups where authentication is not turned on.

Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.