cyclechip
asked on
How to structure an LDAP query to return computer objects within a specific Orgazinational Unit
A similar question was responded to that asked how to find all computers in AD running a specific operating system:
I am attempting to restrict the results for the Volume Activation Management Tool to update Office licenses. I'd like to return a subset of these computers within a specific OU structure:
domain.com/subOU/Computers /[computer ObjectsAre Here]
This keeps returning, "The search filter is invalid.":
LDAP://domain??sub?(&(objectClass=computer)(operatingSystemVersion=6*))
I am attempting to restrict the results for the Volume Activation Management Tool to update Office licenses. I'd like to return a subset of these computers within a specific OU structure:
domain.com/subOU/Computers
This keeps returning, "The search filter is invalid.":
LDAP://domain.com/CN=Computers,OU=subOU(&(objectClass=computer)(operatingSystemVersion=6*))
How would the LDAP filter be correctly structured?
ASKER
Hi umeli. I believe the use of "domain??sub?" in the related question were just placeholders for the actual domain names. I don't see any reference to question marks in any available LDAP documentation.
ASKER
I just learned on Wikipedia that the double question mark is part of a legitimate LDAP query (along with a triple forward-slash.) But this doesn't address the problem which, according to the error message, is in the filter and not in the 'server identity' part of the query.
ASKER
I'm getting there. I didn't initially notice that the word domain?? in the linked solution is in italics, indicating that I put in my domain name there, and leave sub?? alone. With this I got a listing of all my computers:
LDAP://[i]myDomain[/i]??sub?(&(objectClass=computer)(operatingSystemVersion=6*))
But I'm still unable to specify which OU I want to search...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've requested that this question be closed as follows:
Accepted answer: 0 points for cyclechip's comment http:/Q_27517742.html#37400110
for the following reason:
This response answered the original question directly. I intend to add an 'assist' for the other response.
Accepted answer: 0 points for cyclechip's comment http:/Q_27517742.html#37400110
for the following reason:
This response answered the original question directly. I intend to add an 'assist' for the other response.
ASKER
Just trying to assign an assist to jwilleke since the info was good but lacked the necessary syntax for the VAMT.
ASKER
jwilleke provided accurate information for an LDAP query, then I posted the solution for plugging it into the VAMT.
you might be missing a ?
Open in new window