[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Running LDAP query using Powershell

Posted on 2011-02-24
3
Medium Priority
?
1,435 Views
Last Modified: 2013-12-24
Hi

I asked the question below which was answered greatly...does anyone know how I can do this via Powershell in Windows 2008?

>>
Hi

We're running AD 2008 with 2008 Server member servers too. For some users we have a custom application that sets special AD attributes, these attributes are named

"customSync" - possible values YES, NO, SP1
"customEmail" - possible values PARTNER, SMTP1, SMTP2

What I'd like to do is run a query in AD to find users with some of these values, as below:

1. customSync=SP1
2. customEmail = SMTP1
3. customSync=YES *and* customEmail=SMTP2
4. customSync=YES *or& customEmail=SMTP2

I'd like to use ADUC to do this. I guess I can create a query within there, but after that I'm lost? All I can see is how to set queries for existing attributes (e.g. display name).

Could someone advise? I guess I need to run some sort of Custom Query but am not sure of which one and also the syntax to use for the four situations above.
>>

0
Comment
Question by:kam_uk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34968234
Just let know KenMcF about that. He will help you with PowerShell also :)
Paste link from this questioned to answered post and wait few hours ;)

Regards,
Krzysztof
0
 
LVL 27

Accepted Solution

by:
KenMcF earned 2000 total points
ID: 34969381
Hey iSiek :)

I would use the Quest AD cmdlets, it make it easier.

get-qaduser -searchroot "OU=USERSOU,DC=DOMAIN,DC=Local" -LDAPFILTER "(customSync=SP1)" | Select name, samaccountname | Export-csv c:\users.csv

get-qaduser -searchroot "OU=USERSOU,DC=DOMAIN,DC=Local" -LDAPFILTER "(&(customSync=YES)(customEmail=SMTP2))" | Select name, samaccountname | Export-csv c:\users.csv

get-qaduser -searchroot "OU=USERSOU,DC=DOMAIN,DC=Local" -LDAPFILTER "(|(customSync=YES)(customEmail=SMTP2))" | Select name, samaccountname | Export-csv c:\users.csv


http://www.quest.com/powershell/activeroles-server.aspx
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 35004218
Hi Ken :)

Quick, clear and easy ;)

Regards,
Krzysztof
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to get a list of available printers for display in a drop-down list, and then to use the selected printer to print an Access report or a Word document filled with Access data, using different syntax as needed for working with …
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question