Something changed in Net::LDAP a couple of years ago.. try the following syntax:
(useraccountcontrol:dn:1.2.840.113556.1.4.803:=2) Note the :dn: On Wed, December 6, 2006 11:28 am, Lyndley Nygel wrote: > > > Hi, > > > > I'm having an issue list disabled computer accounts on an LDAP query though > Net::LDAP to active directory, a cut down query as example : > > > > (&(sAMAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=2)) > > > > Should locate server accounts which have the disabled flag set. > > > > The sepcific problem seems to be Net::LDAP's parsing of the > userAccountControl part. This query works fine in AD users and computers > but Net::LDAP seems unable to parse it. "Bad file descriptor". > > > > I've tried escaping/multiple escaping/swapping for escaped hex the : and . > every which way but just can't get this query to run. Could anyone offer > some advice on how to execute this? > > > > Thanks > > > > Nygel > >
