Solved

LDAP Query - User Filter

Posted on 2011-03-09
4
1,115 Views
Last Modified: 2012-05-11
Dear all,

I need help to correct this LDAP query. I would like to import all users in sharepoint with:

 - That starts with:
   a-, d-, e-, b-, t-, s-, r-, p-, g-, f-

 -Do not be disabled users
 - Have the attribute: pmiIMDLAttribute1

My query is:
(&(objectCategory=Person)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2)(pmiIMDLAttribute1=*)(!sAMAaccountname=s-*, a-*, d-*, e-*, b-*, t-*, s-*, r-*, p-*, g-*,f-*)))

How can I verify how many users I list with this query?.
0
Comment
Question by:Gonzalo Becerra
  • 2
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 35085777
You could run that query via ADUC (custom query) or download a tool like adfind to test the output http://www.joeware.net/freetools/tools/adfind/index.htm


adfind -default -f "your LDAP query here"  samaccountname

You say you want users that start with a-*, s-* etc

In your query you used !samaccountname   that will exclude those.  You have to list them out (&(samaccountname=a-*)(samaccountname=d-*)...etc...

Thanks

Mike
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
ID: 35086001
Hi Mike Tahnks :) I re write the query it's ok this query?

- Do not starts with:
   a-, d-, e-, b-, t-, s-, r-, p-, g-, f-

 -Do not be disabled users
 - Have the attribute: pmiIMDLAttribute1


(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2)(pmiIMDLAttribute1=*)(!sAMAaccountname=s-*)(!sAMAaccountname=a-*)(!sAMAaccountname=d-*)(!sAMAaccountname=e-*)(!sAMAaccountname=b-*)(!sAMAaccountname=t-*)(!sAMAaccountname=r-*)(!sAMAaccountname=p-*)(!sAMAaccountname=g-*)(!sAMAaccountname=f-*))

0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35086184
Yes that should work, I haven't had time to test but it does look good.

Thanks

Mike
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
ID: 35094178
This is the final query:

(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2)(pmiIMDLAttribute1=*)(!sAMAccountName=s-*)(!sAMAccountName=a-*)(!sAMAccountName=d-*)(!sAMAccountName=e-*)(!sAMAccountName=b-*)(!sAMAccountName=t-*)(!sAMAccountName=r-*)(!sAMAccountName=p-*)(!sAMAccountName=g-*)(!sAMAccountName=f-*))


Thanks a lot Mike!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question