query AD users what syntax?

Author Message
faulkkev

  • Total Posts : 593
  • Scores: 13
  • Reward points : 0
  • Joined: 11/1/2005
  • Location: Kansas City, MO
  • Status: offline
query AD users what syntax? Monday, January 09, 2012 4:45 AM (permalink)
0
I have a script that seems to work ,but I am wondering is my syntax ok?  I am only wanting to search user accounts not computer accounts thus i'm using objectcategory.  I'm actually interested in the msNPAllowDialin from a change perspective.  I'm not clear why category person  and class user vs. using objcategory user only.
 
objCommand.CommandText = "SELECT DistinguishedName,samaccountname,msNPAllowDialin,Name FROM 'LDAP://ou=users,ou=acme1,ou=acmeOU,dc=acmedomain,dc=com' WHERE objectCategory='user'" 
 
I have seen suggestions using this syntax.
 
 
"SELECT DistinguishedName,samaccountname,msNPAllowDialin,Name FROM 'LDAP://ou=Sales,dc=MyDomain,dc=com' WHERE objectCategory='person' AND objectClass='user'"
 
 
 
 
 
 
#1
    59cobalt

    • Total Posts : 981
    • Scores: 91
    • Reward points : 0
    • Joined: 7/17/2011
    • Status: offline
    Re:query AD users what syntax? Monday, January 09, 2012 12:03 PM (permalink)
    0
    "objectCategory='person' AND objectClass='user'" is the canonical way to filter for user accounts. "objectCategory='user'" only works because AD is making an effort (section "Other things to be aware of").
     
    #2

      Online Bookmarks Sharing: Share/Bookmark

      Jump to:

      Current active users

      There are 0 members and 1 guests.

      Icon Legend and Permission

      • New Messages
      • No New Messages
      • Hot Topic w/ New Messages
      • Hot Topic w/o New Messages
      • Locked w/ New Messages
      • Locked w/o New Messages
      • Read Message
      • Post New Thread
      • Reply to message
      • Post New Poll
      • Submit Vote
      • Post reward post
      • Delete my own posts
      • Delete my own threads
      • Rate post

      2000-2012 ASPPlayground.NET Forum Version 3.9