Set it like this:
Base DN <SID=S-1-5-21-709049380-3306950797-3746505139>
Filter (&(ObjectCategory=*)(name=*))
Don't forget the '<' and '>' on the SID, you might also need to put in the
'-' symbol within the SID itself.
Also you might need to check in the control 'Return deleted objects' if the
object exist in the Deleted Object container. You'll find the controls in
Search - Options - Controls.
You also might need to
Regards,
/Jimmy
-------------------------------------
Jimmy Andersson, Q Advice AB
CEO & Principal Advisor
Microsoft MVP - Active Directory
---------- www.qadvice.com ----------
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AD
Sent: Friday, August 22, 2003 9:58 PM
To: [EMAIL PROTECTED]
Tony,
I clicked on Browse and then Search in LDP. The little window comes up. (I
actually used bind first).
In the base DN field I typed in "SID=S15A913838F5E5A9AABF22742D54F69"
In the Filter field I type in "(&(ObjectCategory=*))"
My scope is set to Subtree.
I clicked on Run.
The ObjectSID was a cut and paste from my attribute.
I does not return anything. What am I doing wrong here? I tried SID=,
objectSID=, GUID=,objectGIUD=.
Any help would be appreciated.
Thanks
Y
________________________________
From: Tony Murray
Sent: Fri 22/08/2003 10:02 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] LDAP query on ObjectSID attribute
It's not really using an attribute as your Base DN. The starting point for
a search can be SID, GUID or DN.
It works as Jimmy describes below.
Tony
---------- Original Message ----------------------------------
From: AD <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Fri, 22 Aug 2003 09:26:36 -0400
I never heard of using an attribute as your BaseDN.
If this worked for you I really would like to know how you did it.
Thanks
Y
From: Jimmy Andersson
Sent: Thu 21/08/2003 7:34 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] LDAP query on ObjectSID attribute
Why not use LDP and set it like this:
Base DN <SID=S-1-5-21-709049380-3306950797-3746505139>
Filter (&(ObjectCategory=*)(name=*))
(I used a SID from my lab domain)
You might need to load the control for deleted objects, if it's deleted.
Regards,
/Jimmy
-------------------------------------
Jimmy Andersson, Q Advice AB
CEO & Principal Advisor
Microsoft MVP - Active Directory
---------- www.qadvice.com ----------
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AD
Sent: Friday, August 22, 2003 12:35 AM
To: [EMAIL PROTECTED]
Anyone know how to query AD on the ObjectSID?
My query looks like this:
(&(ObjectCategory=user)(SamAccountName=*)(ObjectSID=S15-2-4-3412341341234124
32412344))
Doesn't return anything. I know the sid must converted but I am not sure
what format it should be in.
Thanks
Y
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
