Re: AD queries - wildcard with only one character
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 25 Jan 2007 23:17:34 -0600
objectClass generally isn't indexed (unless you changed that in your
directory), so it is a good idea to avoid it in a query if you can unless
the performance of the query is not important to you. objectCategory is
indexed and single-valued and performs much better for this type of thing.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Gregor" <Gregor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B5B33126-B8A7-4879-811D-669441332049@xxxxxxxxxxxxxxxx
Thank you very much for your quick answer.
I already use objectclass as I exclude all disabled computers in my query.
As you mentioned I will add a new condition for each location in my query.
Thank you again.
With kind regards,
Gregor
"Joe Kaplan" wrote:
There is no such LDAP filter. There are just exact matches and substring
matches (or >= and <=, although I don't think that's helpful in this
context). The best you could do would be:
*LE*
Unfortunately, that would be wickedly slow (medial searches like that
don't
execute against an index unless there is a special "tuple" index built
for
the attribute, and that isn't standard), and might yield some false
positives as well. If there aren't too many locations, then you could
create a big "OR" query:
(|(CN=CHILE*)(CN=NYCLE*)(CN=INDLE*))
Or something like that. I would expect that to be much faster. Adding
in a
condition to filter on objectCategory is probably a good idea too:
(&(objectCategory=computer)(|(CN=CHILE*)(CN=NYCLE*)(CN=INDLE*)))
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Gregor" <Gregor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3128C449-7565-480F-A170-96ED56CBE329@xxxxxxxxxxxxxxxx
Our computer name contains 10 characters. The first 3 contain the
location
name. The next 7 characters contain the serial number of the computer.
For
example: CHILE3KS45.
I would like to create a query (AD Users & Computers) to find our
entire
notebooks in all locations. I know that the notebook serial number
begins
with LE. Unfortunately, I am unable to find the syntax for the first 3
characters that should be a wildcard (as I am searching for all
locations). I
tried: ___ ??? %%% . Anyone an idea?
.
- References:
- Re: AD queries - wildcard with only one character
- From: Joe Kaplan
- Re: AD queries - wildcard with only one character
- Prev by Date: Re: Testing for Membership in Local User Group
- Next by Date: Re: ADFS Proxy Error
- Previous by thread: Re: AD queries - wildcard with only one character
- Next by thread: Edit Logon Scripts
- Index(es):
Relevant Pages
|
Loading
