Solved

LDAP Query Help

Posted on 2012-04-12
1
280 Views
Last Modified: 2012-05-02
Hi folks,

I need to write a single LDAP query which looks at a couple of OU's and returns only the user account details.  I am running this through custom search in AD as I need to then take the completed query and pass this to an application.

An example of one of the OU's would be:

TestOU\Subdomain.Domain.Internal

Any thoughts,  I have the basics as being:

* (objectCategory=organizationalUnit)(ou=Accounts)) = Which would return any OU's called accounts

* (objectCategory=Person)(objectClass=User) = Which returns any user account.

I need to combine the two (Which I have tried with a number of &'s and such but with no success) to limit the search scope as the domain I am querying is huge and returning over 10000 records (There are 50k accounts, I dont need all of them!)

Any help you could offer would be great.
0
Comment
Question by:Jase_x
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 400 total points
ID: 37838366
You can only have one search base

You could use a nice third party (free) tool  like adfind

http://www.joeware.net/freetools/tools/adfind/index.htm

adfind -b "DN of Accounts OU" -f "&(objectcategory=person)(objectclass=user)" samaccountname

adinfo is another nice free tool but it is not command line (has a GUI)   http://www.cjwdev.co.uk/Software/ADReportingTool/Info.html

Thanks

Mike
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question