Solved

LDAP Query Assistance

Posted on 2010-09-09
9
358 Views
Last Modified: 2012-05-10
I need to create an LDAP query that is kciking my butt...

I need to find all users whose employeeID begins with:

1
5
Con-
Temp-

(that part I can make work)

But I also do NOT want to retuen any users whose samAccountName begins with 0 or 1.

Any help appreciated.




0
Comment
Question by:DonYoung
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 5

Expert Comment

by:Swapnil Prajapati
ID: 33639016
You can run dsquery command to get the required information, in dsquery if you omit -samid it will not look for samid
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 33639032
So right now I don't have time to fully create some test accounts
If you have the first part down if you don't want samaccountnames that start with those try
(|(!samaccountname=0*)(!samaccountname=1*))
that | is an OR
and the ! is a NOT
Thanks
Mike
0
 
LVL 2

Author Comment

by:DonYoung
ID: 33639339
dsquery is not what I need.  This needs to be an LDAP Query (for use in an application)
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 2

Author Comment

by:DonYoung
ID: 33639423
(|(!samaccountname=0*)(!samaccountname=1*)) returns errors...

This seems to work for the samAccount name part:  (|(!(samaccountname=0*))(!(samaccountname=1*)))

Where to place the AND and ORs is where I am confused...

Does this say:  Give me all employees with an empoloyeeID starting with a 1, a 5, con-, temp-, UNLESS the samAccountname starts with a 0 or a 1?

(&(!(samaccountname=0*))(!(samaccountname=1*))(|(employeeID=1*)(|(employeeID=5*)(|(employeeID=Temp*)(|(employeeID=Con-*))))))
0
 
LVL 14

Assisted Solution

by:Shabarinath Ramadasan
Shabarinath Ramadasan earned 250 total points
ID: 33639432
(&(objectcategory=user)(|(samaccountname=1*)(samaccountname=5*)(samaccountname=con*)(samaccountname=temp*)(!samaccountname=0*)))
0
 
LVL 14

Expert Comment

by:Shabarinath Ramadasan
ID: 33639459
Question is a bit confusing.

You asked for all accounts starting with 1, 5, con and temp.

Then again, you say that you dont want any account starting with 1.
"But I also do NOT want to retuen any users whose samAccountName begins with 0 or 1."

Please clarify.
Thanks
Shaba
0
 
LVL 2

Author Comment

by:DonYoung
ID: 33639469
No I need employeeIDs starting with 1, 5, con- or temp- UNLESS the samAccountName starts with a 0 or a 1.
0
 
LVL 2

Author Comment

by:DonYoung
ID: 33639527
OK I got it:

(&(objectcategory=user)(!(samaccountname=0*))(!(samaccountname=1*))(|(employeeID=1*)(|(employeeID=5*)(|(employeeID=Temp*)(|(employeeID=Con-*))))))

Thanks.  I shall split the points.
0
 
LVL 14

Expert Comment

by:Shabarinath Ramadasan
ID: 33639559
Oh.. Got it..

(&(objectcategory=user)(|(employeeid=1*)(employeeid=5*)(employeeid=con*)(employeeid=temp*)(!samaccountname=0*)(!samaccountname=1*)))

Good luck
0

Featured Post

What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question