How do I LDAP active users from AD

Posted on 2010-11-17
Last Modified: 2013-12-24
Hi All,

I have a query and desperetly need some advise :)

I need to LDAP all active users from AD. I'm very fresh to LDAP scripts (I can do OU=xxx,DC=company,dc=com ;) so I'm not sure how to script the filter.
Got this so far but it is not working (&(&(objectClass=user)(OU=company Users,DC=company,DC=com)))

I thought I will add a LDAP browser image to help out.

Any help will be greately apprecaited. Thanks :)

Question by:aaromba
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3

Expert Comment

ID: 34153514
(&(&(objectClass=user)(CN=company Users,DC=company,DC=com)))
LVL 71

Expert Comment

by:Chris Dent
ID: 34153720

You cannot filter based on OU within an LDAP query, you have to set a Search Root / Base for the query.


Author Comment

ID: 34154779
Thanksfor your feedback guys. Much appreciated.  

decasey, for some strange reason your query does not work. Perhaps this is my soft limitation.

Chris, I'm not sure (lack of experience in LDAP) what do you mean by set a search root / base for the query. Could you be a bit more specific please :) I'm an LDAP blond haha

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

LVL 71

Expert Comment

by:Chris Dent
ID: 34154820

What are you using to do the query? Perhaps we can provide something with a bit more context? :)


Author Comment

ID: 34160748
sorry for late reply (Perth time :)
I am using HEAT (Service Desk app) LDAP. I have attached the screenshot of how it looks. Seems that I cannot use filters in Base DN. I can filter it using Object Classes (I believe, need to test it) below)   AD!
LVL 71

Accepted Solution

Chris Dent earned 500 total points
ID: 34162291
Ahh okay, so the Search Root is the Base DN value. If you only want to return users from a specific section of AD you'd enter a value into there. It looks like it may have a browse function linked with that Add button?

If not, the format for base DN will be:

OU=Users,OU=Lander Toyota,OU=NSW,DC=yourdomain,DC=com

That means that the filter, the search, is only applied to objects within that folder (and beneath that folder).

It looks like you can add more than one Base DN, which is refreshing :)

Does that do what you need to do?


Author Comment

ID: 34163877
Ha! Chris This has worked beautifully! Thank you very much for your help mate!! Much appreciated!

Featured Post

Do you have a plan for Continuity?

It's inevitable. People leave organizations creating a gap in your service. That's where Percona comes in.

See how relies on Percona to:
-Manage their database
-Guarantee data safety and protection
-Provide database expertise that is available for any situation

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to protecting Oracle Database servers and systems, there are a ton of myths out there. Here are the most common.
A Stored Procedure in Microsoft SQL Server is a powerful feature that it can be used to execute the Data Manipulation Language (DML) or Data Definition Language (DDL). Depending on business requirements, a single Stored Procedure can return differe…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question