|
Hi
Dan, as
joe said you can also modify the search base, so when creating the saved query
select the seach base (it’s on the first screen of the dialog which let’s
you add a saved query, not in the definition of the query itself). Sorry –
don’t have the interface in front of me so I’m not sure about the
wording, but there are just three options: name of the saved query, search base
and query. If
you have any further questions ... Ulf From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Holme Thanks!!!! For the scoop, Joe!!! And yes, I LOVE ADFIND, but it doesn’t provide a result set
within the MMC… I’m trying to do an MMC (AD UC snap-in) Saved Query
as the basis for a custom Taskpad … Sorry I wasn’t clear about
that. Guess I’m out of luck. Thanks again, though! At least I know not to keep beating my
head against the wall! Dan From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe It seems I have been answering a lot of questions like this
lately... You can not put parts of the DN into the LDAP query. The only way
to control what branches a query looks at are 1. Permissions 2. Search base 3. Search scope. You need to be the most specific you need to be to either include
or exclude various branches of the tree. That being said, someone who wanted to have those specific branches
filtered out or filtered in to the outputted return set but didn't mind actually
returning a lot more data could look to see if they can find a tool that was
written by someone bright enough to add options to let you do that. Hey there is one... It is called adfind and has excldn and incldn
switches to allow you to specify portions of a DN of objects you would like
outputted. FYI, there is a bug in the objects returned counter when using
incldn, I have to go in and fish it out of there. It is because I cut and
pasted the excldn code to produce the incldn section. ;o) Anyway, your query would look something like adfind -default -f objectcategory=computer -incldn ou=workstations Keep in mind though that every computer in your org will be passed
back to your client so if you have 100k computers and only 10 are in the
ou=workstations ou's it will seem AWFULLY SLOW.... There is no way for me to
get around that. joe From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Holme Hey, all! I am trying to create a saved query to pull out computers that
exist within a WORKSTATIONS ou; and that OU may exist within several
higher-level OUs, i.e. distinguishedName=*OU=Workstations* but the Saved Queries interface in ADUC doesn’t seem to like
distinguishedName (I’ve also tried dn= and DN=). Any ideas, please? Dan Holme |
- RE: [ActiveDir] Saved Query for Distinguished Name Co... Dan Holme
- RE: [ActiveDir] Saved Query for Distinguished Na... Ulf B. Simon-Weidner
- RE: [ActiveDir] Saved Query for Distinguished Na... joe
