Link to home
Start Free TrialLog in
Avatar of cyclechip
cyclechipFlag for United States of America

asked on

How to structure an LDAP query to return computer objects within a specific Orgazinational Unit

A similar question was responded to that asked how to find all computers in AD running a specific operating system:
LDAP://domain??sub?(&(objectClass=computer)(operatingSystemVersion=6*))

Open in new window


I am attempting to restrict the results for the Volume Activation Management Tool to update Office licenses. I'd like to return a subset of these computers within a specific OU structure:
domain.com/subOU/Computers/[computerObjectsAreHere]

This keeps returning, "The search filter is invalid.":
LDAP://domain.com/CN=Computers,OU=subOU(&(objectClass=computer)(operatingSystemVersion=6*))

Open in new window

How would the LDAP filter be correctly structured?
Avatar of umeli
umeli
Flag of Switzerland image
Hi
you might be missing a ?

LDAP://domain.com/CN=Computers,OU=subOU??sub?(&(objectClass=computer)(operatingSystemVersion=6*))

Open in new window

Avatar of cyclechip
cyclechip
Flag of United States of America image

ASKER

Hi umeli. I believe the use of "domain??sub?" in the related question were just placeholders for the actual domain names. I don't see any reference to question marks in any available LDAP documentation.
Avatar of cyclechip
cyclechip
Flag of United States of America image

ASKER

I just learned on Wikipedia that the double question mark is part of a legitimate LDAP query (along with a triple forward-slash.) But this doesn't address the problem which, according to the error message, is in the filter and not in the 'server identity' part of the query.
Avatar of cyclechip
cyclechip
Flag of United States of America image

ASKER

I'm getting there. I didn't initially notice that the word domain?? in the linked solution is in italics, indicating that I put in my domain name there, and leave sub?? alone. With this I got a listing of all my computers:
LDAP://[i]myDomain[/i]??sub?(&(objectClass=computer)(operatingSystemVersion=6*))

Open in new window

But I'm still unable to specify which OU I want to search...
ASKER CERTIFIED SOLUTION
Avatar of jwilleke
jwilleke
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of cyclechip
cyclechip
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of cyclechip
cyclechip
Flag of United States of America image

ASKER

I've requested that this question be closed as follows:

Accepted answer: 0 points for cyclechip's comment http:/Q_27517742.html#37400110

for the following reason:

This response answered the original question directly. I intend to add an 'assist' for the other response.
Avatar of cyclechip
cyclechip
Flag of United States of America image

ASKER

Just trying to assign an assist to jwilleke since the info was good but lacked the necessary syntax for the VAMT.
Avatar of cyclechip
cyclechip
Flag of United States of America image

ASKER

jwilleke provided accurate information for an LDAP query, then I posted the solution for plugging it into the VAMT.