Solved

LDAP Query - User Filter

Posted on 2011-03-09
4
1,121 Views
Last Modified: 2012-05-11
Dear all,

I need help to correct this LDAP query. I would like to import all users in sharepoint with:

 - That starts with:
   a-, d-, e-, b-, t-, s-, r-, p-, g-, f-

 -Do not be disabled users
 - Have the attribute: pmiIMDLAttribute1

My query is:
(&(objectCategory=Person)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2)(pmiIMDLAttribute1=*)(!sAMAaccountname=s-*, a-*, d-*, e-*, b-*, t-*, s-*, r-*, p-*, g-*,f-*)))

How can I verify how many users I list with this query?.
0
Comment
Question by:Gonzalo Becerra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 35085777
You could run that query via ADUC (custom query) or download a tool like adfind to test the output http://www.joeware.net/freetools/tools/adfind/index.htm


adfind -default -f "your LDAP query here"  samaccountname

You say you want users that start with a-*, s-* etc

In your query you used !samaccountname   that will exclude those.  You have to list them out (&(samaccountname=a-*)(samaccountname=d-*)...etc...

Thanks

Mike
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
ID: 35086001
Hi Mike Tahnks :) I re write the query it's ok this query?

- Do not starts with:
   a-, d-, e-, b-, t-, s-, r-, p-, g-, f-

 -Do not be disabled users
 - Have the attribute: pmiIMDLAttribute1


(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2)(pmiIMDLAttribute1=*)(!sAMAaccountname=s-*)(!sAMAaccountname=a-*)(!sAMAaccountname=d-*)(!sAMAaccountname=e-*)(!sAMAaccountname=b-*)(!sAMAaccountname=t-*)(!sAMAaccountname=r-*)(!sAMAaccountname=p-*)(!sAMAaccountname=g-*)(!sAMAaccountname=f-*))

0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35086184
Yes that should work, I haven't had time to test but it does look good.

Thanks

Mike
0
 
LVL 1

Author Comment

by:Gonzalo Becerra
ID: 35094178
This is the final query:

(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2)(pmiIMDLAttribute1=*)(!sAMAccountName=s-*)(!sAMAccountName=a-*)(!sAMAccountName=d-*)(!sAMAccountName=e-*)(!sAMAccountName=b-*)(!sAMAccountName=t-*)(!sAMAccountName=r-*)(!sAMAccountName=p-*)(!sAMAccountName=g-*)(!sAMAccountName=f-*))


Thanks a lot Mike!
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question