Yes, I believe it does support sub-tree searches. I actually haven't had a chance to try the sync tool out yet. I will post back tomorrow with the results.
Thanks again everyone! On Thu, Feb 25, 2010 at 5:11 PM, Barsodi.John <[email protected]> wrote: > What is your search base? Hopefully your domain. LDAP://DC=domain,DC=local > Does your tool support subtree searches? > > If yes to both, this should work without problem. I do it with several > products today. > > Thanks, > JB > > > -----Original Message----- > From: Robert Smith [mailto:[email protected]] > Sent: Thursday, February 25, 2010 5:02 PM > To: NT System Admin Issues > Subject: Re: LDAP Query across Multiple OU's > > Thanks all for the help. Unfortunately the tool we are using requires LDAP > queries only, otherwise DSQUERY would have worked fine. > > > On Thu, Feb 25, 2010 at 4:42 PM, Brian Desmond <[email protected]> wrote: >> That query will get you more than users - also groups. >> >> If all youw ant is users, you can simplify it to >> "(&(objectCategory=person)(objectClass=user))". If you want groups too, >> "(|(&(objectCategory=person)(objectClass=user))(&(objectCategory=group)(objectClass=group)))" >> >> Look at adfind as Michael suggested. You can use the incldn and excldn >> switches if you wanted and search the whole domain but only include >> certain OUs >> >> Thanks, >> Brian Desmond >> [email protected] >> >> c - 312.731.3132 >> >> >>> -----Original Message----- >>> From: Robert Smith [mailto:[email protected]] >>> Sent: Thursday, February 25, 2010 6:34 PM >>> To: NT System Admin Issues >>> Subject: Re: LDAP Query across Multiple OU's >>> >>> We are trying to get all of our users in all OUs, and it needs to be >>> done in LDAP. that query will return all the users from one specific >>> OU, but not all users in all OUs in a domain. >>> >>> Thanks, >>> Bob >>> >>> On Thu, Feb 25, 2010 at 4:30 PM, Brian Desmond >>> <[email protected]> wrote: >>> > That is a weird looking query. What are you trying to get out of it? >>> > >>> > Thanks, >>> > Brian Desmond >>> > [email protected] >>> > >>> > c - 312.731.3132 >>> > >>> > >>> >> -----Original Message----- >>> >> From: Robert Smith [mailto:[email protected]] >>> >> Sent: Thursday, February 25, 2010 5:44 PM >>> >> To: NT System Admin Issues >>> >> Subject: LDAP Query across Multiple OU's >>> >> >>> >> Hello, >>> >> >>> >> Is there any way to do an LDAP query for users across multiple >>> >> OU's via Saved Queries in ADUC? We are able to perform the custom >>> >> search below with the following LDAP queries, but this is only for >>> >> one OU at a time, we would like to be able to select a few at a >>> >> time out of almost a hundred OU's >>> >> >>> >> >>> (&(|(&(objectCategory=person)(objectSid=*)(!samAccountType:1.2.840.11 >>> >> 3 >>> >> 556.1.4.804:=3))(&(objectCategory=person)(!objectSid=*))(&(objectC >>> >> ate >>> >> gor >>> >> y=group)(groupType:1.2.840.113556.1.4.804:=14)))) >>> >> >>> >> >>> >> Thanks! >>> >> Bob >>> >> >>> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> > >>> > >>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> > >>> > >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
