LDAP Query Help

Hi folks,

I need to write a single LDAP query which looks at a couple of OU's and returns only the user account details.  I am running this through custom search in AD as I need to then take the completed query and pass this to an application.

An example of one of the OU's would be:

TestOU\Subdomain.Domain.Internal

Any thoughts,  I have the basics as being:

* (objectCategory=organizationalUnit)(ou=Accounts)) = Which would return any OU's called accounts

* (objectCategory=Person)(objectClass=User) = Which returns any user account.

I need to combine the two (Which I have tried with a number of &'s and such but with no success) to limit the search scope as the domain I am querying is huge and returning over 10000 records (There are 50k accounts, I dont need all of them!)

Any help you could offer would be great.
Jase_xAsked:
Who is Participating?
 
Mike KlineCommented:
You can only have one search base

You could use a nice third party (free) tool  like adfind

http://www.joeware.net/freetools/tools/adfind/index.htm

adfind -b "DN of Accounts OU" -f "&(objectcategory=person)(objectclass=user)" samaccountname

adinfo is another nice free tool but it is not command line (has a GUI)   http://www.cjwdev.co.uk/Software/ADReportingTool/Info.html

Thanks

Mike
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.