Re: LDAP query information
- From: "Richard Mueller" <rlmueller-NOSPAM@xxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 10 Jul 2006 14:08:28 -0500
Your syntax is OK. The problem is that canonicalName is operational. The
value is not saved in AD, but is computed when requested. Apparently a query
doesn't prompt AD to compute the value. I don't know of a workaround. Can
you use distinguishedName instead?
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
"Vishn" <Vishn@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6F51B81E-BB32-4221-83B0-C301F334C451@xxxxxxxxxxxxxxxx
Hi Richard,
Thanks for your response. Using ADUC, you can create queries by
selecting
the various attributes of the object but since the attributes of the
object
listed are restricted to a few, we have the option to do a "Custom Search"
&
then input the LDAP query. I have very less knowledge on working on LDAP
queries.
I had tried this query string - (&(objectCategory=computer)(name=*))
When I ran it, it executed successfully & gave me Name,Type,
Description,Modified fields. But when I tried the below query, it threw me
a
query error
(objectCategory=computer)(name=*)(canonicalName=*)
It seems to be a wrong query input (canonicalName) or wrong value passed
to
the attribute-CanonicalName(*). I have never worked on LDAP queries, so
please forgive my ignorance. I just assumed that the '*' argument pulled
all
the info from AD regarding that object attribute.
Can you please construct a LDAP query so that I can run it & test it.
Appreciate your help in this!
Sorry for the trouble!
Thanks,
Tilak
"Richard Mueller" wrote:
Vishn wrote:
Can you please help me in creating a LDAP Query which will pull the
information about all the attributes of computer accounts in Active
Directory
domain - For example, General tab info like 'computer name', 'Role' ,
Object
tab information like 'Canonical name of the object' & 'Object class -
Created
& Modified' etc. I was able to pull most of the information except for
'Canonical name of the object' which could not be created using 'Saved
Queries' column in Active Directory. I can create one using 'custom
search'
which needs me to input an LDAP query for the above objects which I am
not
aware of.
It would be really helpful is someone can post the LDAP query.
Hi,
I'm don't know how you can retrieve these values in ADUC, but the LDAP
query
for computer objects would be:
(objectCategory=computer)
The attributes you refer to are:
sAMAccountName (NetBIOS name of the computer)
objectClass (multi-valued)
whenCreated
whenChanged
canonicalName (Constructed, also called operational, meaning not saved in
AD
but computed when requested)
machineRole
I hope this helps.
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
.
- Follow-Ups:
- Re: LDAP query information
- From: Vishn
- Re: LDAP query information
- References:
- Re: LDAP query information
- From: Richard Mueller
- Re: LDAP query information
- From: Vishn
- Re: LDAP query information
- Prev by Date: Re: Need Helping Scripting My Server
- Next by Date: Scripting SNMP
- Previous by thread: Re: LDAP query information
- Next by thread: Re: LDAP query information
- Index(es):
Relevant Pages
|
