Solved

LDAP Query Assistance

Posted on 2010-09-09
9
352 Views
Last Modified: 2012-05-10
I need to create an LDAP query that is kciking my butt...

I need to find all users whose employeeID begins with:

1
5
Con-
Temp-

(that part I can make work)

But I also do NOT want to retuen any users whose samAccountName begins with 0 or 1.

Any help appreciated.




0
Comment
Question by:DonYoung
9 Comments
 
LVL 5

Expert Comment

by:Swapnil Prajapati
ID: 33639016
You can run dsquery command to get the required information, in dsquery if you omit -samid it will not look for samid
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 33639032
So right now I don't have time to fully create some test accounts
If you have the first part down if you don't want samaccountnames that start with those try
(|(!samaccountname=0*)(!samaccountname=1*))
that | is an OR
and the ! is a NOT
Thanks
Mike
0
 
LVL 2

Author Comment

by:DonYoung
ID: 33639339
dsquery is not what I need.  This needs to be an LDAP Query (for use in an application)
0
 
LVL 2

Author Comment

by:DonYoung
ID: 33639423
(|(!samaccountname=0*)(!samaccountname=1*)) returns errors...

This seems to work for the samAccount name part:  (|(!(samaccountname=0*))(!(samaccountname=1*)))

Where to place the AND and ORs is where I am confused...

Does this say:  Give me all employees with an empoloyeeID starting with a 1, a 5, con-, temp-, UNLESS the samAccountname starts with a 0 or a 1?

(&(!(samaccountname=0*))(!(samaccountname=1*))(|(employeeID=1*)(|(employeeID=5*)(|(employeeID=Temp*)(|(employeeID=Con-*))))))
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 14

Assisted Solution

by:Shabarinath Ramadasan
Shabarinath Ramadasan earned 250 total points
ID: 33639432
(&(objectcategory=user)(|(samaccountname=1*)(samaccountname=5*)(samaccountname=con*)(samaccountname=temp*)(!samaccountname=0*)))
0
 
LVL 14

Expert Comment

by:Shabarinath Ramadasan
ID: 33639459
Question is a bit confusing.

You asked for all accounts starting with 1, 5, con and temp.

Then again, you say that you dont want any account starting with 1.
"But I also do NOT want to retuen any users whose samAccountName begins with 0 or 1."

Please clarify.
Thanks
Shaba
0
 
LVL 2

Author Comment

by:DonYoung
ID: 33639469
No I need employeeIDs starting with 1, 5, con- or temp- UNLESS the samAccountName starts with a 0 or a 1.
0
 
LVL 2

Author Comment

by:DonYoung
ID: 33639527
OK I got it:

(&(objectcategory=user)(!(samaccountname=0*))(!(samaccountname=1*))(|(employeeID=1*)(|(employeeID=5*)(|(employeeID=Temp*)(|(employeeID=Con-*))))))

Thanks.  I shall split the points.
0
 
LVL 14

Expert Comment

by:Shabarinath Ramadasan
ID: 33639559
Oh.. Got it..

(&(objectcategory=user)(|(employeeid=1*)(employeeid=5*)(employeeid=con*)(employeeid=temp*)(!samaccountname=0*)(!samaccountname=1*)))

Good luck
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now