Solved

search AD by firstname

Posted on 2011-09-30
21
636 Views
Last Modified: 2012-05-12
the below brings every usename that starts with john.. but i want to search only first name.. how cna i do that..
dsquery user -name *john* -limit 0

the userid maybe jjohnson but the name maybe john johnson, and i want all employees whose name is john or like john (even if firstname is johnson or mohjohng
0
Comment
Question by:25112
  • 8
  • 5
  • 3
  • +4
21 Comments
 
LVL 54

Expert Comment

by:Bill Prew
ID: 36891305
Try this.

dsquery user -givenName john -limit 0

~bp
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36891317
Use this

dsquery user -fn "John*" -limit 0 | dsget user -fn -ln -samid

Regards,
Krzysztof
0
 
LVL 6

Assisted Solution

by:Reubenwelsh
Reubenwelsh earned 25 total points
ID: 36891326
Hi, have you used powershell before? Powershell gives you a lot more options for operations like this. You can then do "get-aduser -firstname John" and youll get them all :)
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36891330
Oh sorry, it's available only in dsget structure ;) In this case you have to use more advanced query

dsquery * -filter "&(&(objectClass=User)(objectCategory=Person)(givenName=John*))" -limit 0 -attr name,givenName,sn

Krzysztof
0
 
LVL 54

Assisted Solution

by:Bill Prew
Bill Prew earned 25 total points
ID: 36891369
Sorry, I suspect my syntax isn't quite right, I tend to use ADFIND mostly, find it easier.  But I think the bottom line is you want to use the givenName attribute to filter by firt name, not the Name attribute.

~bp
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36891371
and if you're interested also with login in the output add als sAMAccountName at the end of query

dsquery * -filter "&(&(objectClass=User)(objectCategory=Person)(givenName=John*))" -limit 0 -attr name,givenName,sn,sAMAccountName

Krzysztof
0
 
LVL 7

Assisted Solution

by:ComputerBeast
ComputerBeast earned 50 total points
ID: 36891508
Hi all,
Try out the script:

On Error Resume Next

Const ADS_SCOPE_SUBTREE = 2

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

objCommand.CommandText = _
    "SELECT sAMAccountName FROM 'LDAP://dc=fabrikam,dc=com' WHERE objectCategory='user' " & _
        "AND givenName='John'
Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    Wscript.Echo objRecordSet.Fields("sAMAccountName").Value
    objRecordSet.MoveNext
Loop

Hope it helps.
Thank you
Anil
0
 
LVL 5

Author Comment

by:25112
ID: 36891760

thanks..

this is xp.. so no powershell possibility.

iSiek, should i made "givenName=*John*)" instead of "givenName=John*)" to account for "mohjohng" Firstname?

Is it the same (givenName='John' ) as above for ComputerBeast's code?
0
 
LVL 5

Author Comment

by:25112
ID: 36891772

dsquery * -filter "&(&(objectClass=User)(objectCategory=Person)(givenName=John*))" -limit 0 -attr name,givenName,sn,sAMAccountName
seems to bring something back, but is blank.. can see any content.. but i can see it tried to bring something back..
0
 
LVL 10

Expert Comment

by:ReneGe
ID: 36891828
Are you trying this while logged in with sufficient credentials?
0
 
LVL 5

Author Comment

by:25112
ID: 36891846
I can see other dsquery results.. only the above one  is coming as blank
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 25 total points
ID: 36892179
Make it *john* and that should work, I created a test user to verify(see screenshot)

Thanks

Mike
dsquery-john.jpg
0
 
LVL 5

Author Comment

by:25112
ID: 36892250
thanks Mike.

dsquery user -name *john* -limit 0
works for me, and brings back results but it queries on the username and not real name.

but
dsquery * -filter "&(&(objectClass=User)(objectCategory=Person)(givenName=*john*))" -limit 0 -attr name,givenName,sn,sAMAccountName
works but i cant see the results.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36892392
would you be willing to try another free tool to test with

adfind   http://www.joeware.net/freetools/tools/adfind/index.htm

query would almost look the exact same just want to see if you get different results.

Thanks

Mike
0
 
LVL 5

Author Comment

by:25112
ID: 36892464
sure- OK, so I tried
AdFind -f "name=*john*"

but i get back
ldap_get_next_page_s: Error 0x55 (85) - Timeout

0 Objects returned
0
 
LVL 5

Author Comment

by:25112
ID: 36892474
but
dsquery user -name *john* -limit 0
is lightning fast..
but does not give firstname or lastname
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36892492
ok tanks for downloading

try

adfind -default -f "&(objectcategory=person)(objectclass=user)(givenname=*john*)" samaccountname givenname


Thanks


Mike
0
 
LVL 5

Author Comment

by:25112
ID: 36892625
thanks.. but same timeout issue as lastime..
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 375 total points
ID: 36892697
I'm sorry I made a mistake in a syntax :/ to separate attributes to display from dsquery command, do not use comas (,) just spaces :/ My fault

Yes, you should use *John* to get everything containing john in First Name

dsquery * -filter "&(&(objectClass=User)(objectCategory=Person)(givenName=*john*))" -limit 0 -attr name givenName sn sAMAccountName

Krzysztof
0
 
LVL 5

Author Comment

by:25112
ID: 36893605
that was it! thanks a lot...
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36893658
You're welcome :)

Krzysztof
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question