Solved

LDAP Query Help

Posted on 2012-04-12
1
284 Views
Last Modified: 2012-05-02
Hi folks,

I need to write a single LDAP query which looks at a couple of OU's and returns only the user account details.  I am running this through custom search in AD as I need to then take the completed query and pass this to an application.

An example of one of the OU's would be:

TestOU\Subdomain.Domain.Internal

Any thoughts,  I have the basics as being:

* (objectCategory=organizationalUnit)(ou=Accounts)) = Which would return any OU's called accounts

* (objectCategory=Person)(objectClass=User) = Which returns any user account.

I need to combine the two (Which I have tried with a number of &'s and such but with no success) to limit the search scope as the domain I am querying is huge and returning over 10000 records (There are 50k accounts, I dont need all of them!)

Any help you could offer would be great.
0
Comment
Question by:Jase_x
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 400 total points
ID: 37838366
You can only have one search base

You could use a nice third party (free) tool  like adfind

http://www.joeware.net/freetools/tools/adfind/index.htm

adfind -b "DN of Accounts OU" -f "&(objectcategory=person)(objectclass=user)" samaccountname

adinfo is another nice free tool but it is not command line (has a GUI)   http://www.cjwdev.co.uk/Software/ADReportingTool/Info.html

Thanks

Mike
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question