Solved

LDAP Query Help

Posted on 2012-04-12
1
279 Views
Last Modified: 2012-05-02
Hi folks,

I need to write a single LDAP query which looks at a couple of OU's and returns only the user account details.  I am running this through custom search in AD as I need to then take the completed query and pass this to an application.

An example of one of the OU's would be:

TestOU\Subdomain.Domain.Internal

Any thoughts,  I have the basics as being:

* (objectCategory=organizationalUnit)(ou=Accounts)) = Which would return any OU's called accounts

* (objectCategory=Person)(objectClass=User) = Which returns any user account.

I need to combine the two (Which I have tried with a number of &'s and such but with no success) to limit the search scope as the domain I am querying is huge and returning over 10000 records (There are 50k accounts, I dont need all of them!)

Any help you could offer would be great.
0
Comment
Question by:Jase_x
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 400 total points
ID: 37838366
You can only have one search base

You could use a nice third party (free) tool  like adfind

http://www.joeware.net/freetools/tools/adfind/index.htm

adfind -b "DN of Accounts OU" -f "&(objectcategory=person)(objectclass=user)" samaccountname

adinfo is another nice free tool but it is not command line (has a GUI)   http://www.cjwdev.co.uk/Software/ADReportingTool/Info.html

Thanks

Mike
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now