Good story of "I touched the burner and hurt my fingers so I won't be doing that again anytime soon." :) Thanks for sharing. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
_____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Tuesday, August 15, 2006 12:10 AM To: [email protected] Subject: RE: [ActiveDir] ADFind Query Oh yes, we absolutely prefix our extensions... now. A few years ago (before I was here), someone decided to add a UID attribute to the schema with a bad OID, bad syntax, bad everything, and unfortunately this directly collided with the UID attribute that Windows 2003 wanted to add. It required an enormous amount of work to deal with since I don't have the ability to defunct the attribute. _____ From: [EMAIL PROTECTED] on behalf of joe Sent: Mon 8/14/2006 6:15 PM To: [email protected] Subject: RE: [ActiveDir] ADFind Query Yeah something like adfind -sc s:* ldapdisplayname attributeid -csv |grep -i 1.3.6.1.4.1.14376 would work fine. But still... the OP is hopefully prefixing schema attributes and classes with a corporate value... Otherwise they could run into collisions with vendors with bad schema practices. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Monday, August 14, 2006 6:17 PM To: Send - AD mailing list Subject: RE: [ActiveDir] ADFind Query If not, though less efficient, dump them all and pipe it through find ... -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com <http://msetechnology.com/> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, August 14, 2006 5:53 PM To: [email protected] Subject: RE: [ActiveDir] ADFind Query You shouldn't be getting that error with that command... Even if the attribute name was incorrect you wouldn't get that error, you would get 0 objects returned as the query processor doesn't output errors because of incorrect attributes being specified. However, that being said, this isn't going to work. You can't wildcard OIDs (or more accurately 2.5.5.2/6 data types). Hopefully you guys prefixes all of the classes and attributes you added with a company prefix so you can search on that like so adfind -schema -f name=joeware* ldapdisplayname -sl or the shortcut adfind -sc sl:joeware* -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Monday, August 14, 2006 5:29 PM To: [email protected] Subject: [ActiveDir] ADFind Query Hey guys, Simple question. I'm trying to perform a search to locate all the schema extensions that have been added in by our company. I thought some simple syntax like this would work to find all schema attributes with an attrbituteID prefixed with our OID. adfind -schema -f attributeID=1.3.6.1.4.1.14376.* ldap_get_next_page_s: [appsig-ad.appsig.com] Error 0x10 (16) - No Such Attribute I'm obviously missing something, any thoughts? Thanks, ~Ben
<<attachment: winmail.dat>>
