Solved

LDAP query for computer in specific OU

Posted on 2014-09-12
8
2,431 Views
Last Modified: 2016-11-23
I want to run an LDAP query that will return me a list of computers in a specific OU.
If it matters I'm running the search through the Dell Kace software.

I can run this query which returns me all computers that start with NY-
(&(objectCategory=computer)(CN=NY-*))

I want to return all computers in the following location
OU=Accounting,OU=New York City,OU=WORKSTATIONS

I'm not having any luck combining the search variables to return all computers starting with NY- in the Accounting OU
0
Comment
Question by:Crucio606
8 Comments
 
LVL 6

Expert Comment

by:Chad Franks
ID: 40319856
This exact question was answered from a previous EE post:

http://www.experts-exchange.com/Software/Server_Software/Active_Directory/Q_23543128.html
0
 

Author Comment

by:Crucio606
ID: 40319912
Unfortunately this doesn't apply to me and I'm not running it via script but using Kace's search and filter fields.

The Kace search will work and do all the recursive work, I just need the correct variables.
0
 
LVL 16

Assisted Solution

by:Joshua Grantom
Joshua Grantom earned 250 total points
ID: 40319963
(&(objectCategory=computer)(CN=NY-*)(OU=Accounting,OU=New York City,OU=WORKSTATIONS,DC=DOMAINNAME,DC=LOCAL))
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40319980
It may be the other way around depending on how your AD Tree looks

(&(objectCategory=computer)(CN=NY-*)(OU=WORKSTATIONS,OU=New York City,OU=ACCOUNTING,DC=YOURDOMAINNAME,DC=LOCAL))

A screenshot of the tree from Active Directory Users and Computers would help me get the ldap query perfect
0
 
LVL 1

Assisted Solution

by:ldrose537
ldrose537 earned 250 total points
ID: 40320011
Crucio606,

If you have already seen the following, I apologize, but I thought it was potentially relevant:

https://www.kace.com/support/resources/kb/article/~/media/Files/Support/Knowledge-Base/KACE%20Appliance%20LDAP%20Reference%20Guide.ashx

Based on what I recall about Distinguished Name paths, theoretically you would just have to replace
"CN=NY-*" with the full DN path, minus the base DN if I'm reading the Kase info correctly. However, I have not worked with Kase, so I'm not 100% positive.

This however, I do know:
so for example if a full DN is
OU=LocationA, OU=Computers, DC=fabrikam, DC=local, then the portion you need is "OU=LocationA, OU=Computers" because the base is DC=fabrikam, DC=local.

Also a side note: take a look at the icon in AD - is the 'container' really an OU (picture of a directory inside) or just a container (Plain old folder). If it is a plain old folder, it would be CN=Computer, if it has an image of a directory/phonebook, it would be OU=Computer.
(CN stands for common name, OU stands for organizational unit, DC stands for domain component)
C--Users-lrose-Pictures-OUvsContainer.pn
0
 

Accepted Solution

by:
Crucio606 earned 0 total points
ID: 40392973
The solution ended up being pretty simple but it took their support pretty damn long to figure it out.

So what you posted: OU=Accounting,OU=New York City,OU=WORKSTATIONS,DC=DOMAINNAME,DC=LOCAL
was totally correct but I had to add a Kace specific search filter to pick out only computers:

(name=KBOX_COMPUTER_NAME)

Thanks for all the info, it def pointed me in the right direction
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40392983
Good to know! DELL is at it again lol
0
 

Author Closing Comment

by:Crucio606
ID: 40403695
I was required to use a Kace specific search string to finally get it to pull the computesr
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question