help with LDAP query syntax...

B

Ben Hanson

I have been working with ldifde/csvde a good bit lately but I am having a
hard time with the syntax using the NOT qualifier in my LDAP query. Say I
want to show all users in the domain EXCEPT the ones that are
disabled...this is how I would write it, but it doesn't return any records.
Can
someone tell me what I am missing? A parentheses somewhere?

ldifde -f c:\export.ldf -l
(objectclass,useraccountcontrol,samaccountname) -r
(!((&(objectclass=user)(samaccountname=*))(useraccountcontrol=66050)))

If I drop the NOT modifier, re-do the parentheses correctly,
and run your basic AND query I get all the results (but it includes disabled
accounts).

-Ben
 
S

Stefan Buchman

Here is the LDAP query that will return all enabled users:

(&(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))

- Stefan
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

attribute for disabled account 3
LDIFDE - Export 2
export disabled account 1
How to add non mail enable user with LDAP 2
Importing Computer Objects - LDIFDE 1
PASSWORD NEVER EXPIRES FIELD - URGENT HELP NEEDED - PLEASE!!! 9
userAccountControl codes polling LDAP 1
SQL and/or AD Security to Query AD Database? 1

Top