Re: LDAP Query Search Help in AD 2003

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

That would be an OR operation.

Kind of like:

(&(objectCategory=person)(objectClass=user)(|(!memberOf=cn=MyDistGroup,ou=Sales,dc=MyDomain,dc=com)(!memberOf=cn=MyDistGroup2,ou=Sales,dc=MyDomain,dc=com)))

Note: I didn't test it this way, but that's the general idea if not the
absolutely correct syntax. Should be a fairly expensive query though. If you
have a lot of user class objects that are members of multiple groups it
could take a while.

A more efficient way to do that might be to use an alternate storage
mechanism to figure that out. i.e. a DB with a query.

Al

"MrRAlan" <MrRAlan@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5F5DA78D-9D98-4DB5-AD15-8AC85D92E5B3@xxxxxxxxxxxxxxxx
> Rich,
>
> I am able to get it to list all members not in one group, but I need to
> check two groups. I am trying to find all exchange recipients who do not
> belong to group A or group B. You see, they need to belong to one or the
> other. I am trying to find mistakes. Thanks.
>
> "Richard Mueller [MVP]" wrote:
>
>> MrRAlan wrote:
>>
>> > I am trying to create a custom search query in an MMC. I want to show
>> > all
>> > Exchange Mailbox Recipients who do not belong to either Distribution
>> > List
>> A
>> > or Distribution List B. I know the exact CN=...etc for each list, it's
>> just
>> > the rest that I cannot figure out. Thanks.
>>
>> Use the memberOf attribute and specify the Distinguished Name of the
>> distribution group. The symbol "!" (the exclamation point) is the "Not"
>> operator. For example:
>>
>> (!memberOf=cn=MyDistGroup,ou=Sales,dc=MyDomain,dc=com)
>>
>> To find all users not in this group:
>>
>> (&(objectCategory=person)(objectClass=user)(!memberOf=cn=MyDistGroup,ou=Sale
>> s,dc=MyDomain,dc=com))
>>
>> Experiment in ADUC in "View", "Filter Options", "Create Custom Filter",
>> "Customize", "LDAP".
>>
>> --
>> Richard
>> Microsoft MVP Scripting and ADSI
>> Hilltop Lab web site - http://www.rlmueller.net
>> --
>>
>>
>>


.

Relevant Pages

  • Re: LDAP Query Search Help in AD 2003
    ... I am able to get it to list all members not in one group, ... belong to group A or group B. You see, they need to belong to one or the ... >> Exchange Mailbox Recipients who do not belong to either Distribution List ... > Use the memberOf attribute and specify the Distinguished Name of the ...
    (microsoft.public.windows.server.active_directory)
  • Re: LDAP query can it be done ?
    ... what I'm trying to due is fully enumerate a list of users that belong ... Are you trying to find all members of a particular group, ... This query could return group DN's, then you could use these DN's to ...
    (microsoft.public.windows.server.active_directory)
  • Re: Syntax needed to get needed reports
    ... what you posted as a query will not work for you because you must ... I ran the update query below to see what happens. ... > UPDATE Members ... > WHERE [Hobbies] Is Not Null; ...
    (microsoft.public.access.gettingstarted)
  • Re: Does DateDiff Have A Bug
    ... I changed the form (Members) RecordSource back to my Main ... Now I just use the results from the query and everything works better than ... MemberID FirstName LastName EntryDate DaysRemaining ... calculated field within it's calculation) would look like; ...
    (microsoft.public.access.formscoding)
  • Re: Syntax needed to get needed reports
    ... I tried it and it gives me a systax error in query expression. ... value that is in the Hobbies field, ... UPDATE Members ... >>> no listing or field name for the ERA Groups. ...
    (microsoft.public.access.gettingstarted)