GAL LDAP Query

C

camnet.systems

Hi,

just wondering if someone can help me out. This is an LDAP query with
regards to Microsoft Exchange 2003. I wish to filter out of the GAL
any users with a company1.com or company2.com smtp address. I can get
it to work for one addess but cannot work out how to also add the
seconds address.

eg.

(&(mailnickname=*)(|(&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder)(objectCategory=msExchDynamicDistributionList))(!(ProxyAddresses=*@company1.com))))

This works fine to filter out users with a company1.com smtp address
from the GAL. How do I also add to filter out company2.com smtp
addresses in the same query?

thanks

Dave
 
R

Richard Mueller

The clause you want is probably:

(&(!proxyAddresses=*@company1.com)(!proxyAddresses=*@company2.com))
 
G

Guest

Hello,
can anyone help me please, i have to write a ldap query to search for all my
user accounts who have more than one smpt email addresses. I have already
query for
(proxyaddresses=smtp:*@company.com)
but its not what i want actualy. I need to search for all accounts who have
more than one proxy address.
Can anyone help me with an ideea.

Thanks
 
R

Richard Mueller

"GAL LDAP query in Active Directory" <GAL LDAP query in Active
(e-mail address removed)> wrote in message
Hello,
can anyone help me please, i have to write a ldap query to search for all
my
user accounts who have more than one smpt email addresses. I have already
query for
(proxyaddresses=smtp:*@company.com)
but its not what i want actualy. I need to search for all accounts who
have
more than one proxy address.
Can anyone help me with an ideea.

Thanks
Click to expand...

I don't think there is any query that will only return accounts that have
more than one value for a multi-valued attribute. Instead, I think you must
query for all accounts where proxyAddresses is not Null, then output those
where there are more than one.

You can use ADO to retrieve the names of all users with one or more values
for proxyAddresses, then if the upper bound of the variant array retrieved
is greater than zero, there is more than one. In a VBScript example:
===============
Option Explicit

Dim objRootDSE, strDNSDomain, adoCommand, adoConnection
Dim strBase, strFilter, strAttributes, strQuery, adoRecordset
Dim strDN, arrProxyAddr

' Determine DNS domain name.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use ADO to search Active Directory.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

' Search entire domain.
strBase = "<LDAP://" & strDNSDomain & ">"

' Filter on all user objects with one or more proxy addresses.
strFilter = "(&(objectCategory=person)(objectClass=user)" _
& "(proxyAddresses=*))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName,proxyAddresses"

' Construct the LDAP query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute

' Enumerate the recordset.
Do Until adoRecordset.EOF
' Retrieve values.
strDN = adoRecordset.Fields("distinguishedName").Value
arrProxyAddr = adoRecordset.Fields("proxyAddresses").Value
' Output the names of user with more than one proxy address.
If (UBound(arrProxyAddr) > 0) Then
Wscript.Echo strDN
End If
adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close
Set objRootDSE = Nothing
Set adoCommand = Nothing
Set adoConnection = Nothing
Set adoRecordset = Nothing
 
J

Joe Richards [MVP]

Correct, you would have to return all accounts with any SMTP proxy and
then enumerate through them.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Getting the LDAP descriptor from a variable user login name 2
Using ADSI and LDAP to retrieve user attributes from active direct 1
LDAP help needed 4
LDAP Query to Find Users without Logon To restiction 1
SQL and/or AD Security to Query AD Database? 1
Export Active directory users and groups. 1
Exchange Address Book Filter 1
Help with small LDAP query 4

Top