Jun 13 2017

LDAP Query Basics

This would return all objects that have the first name of John. Parentheses are included to emphasize the beginning and end of the LDAP statement.

You use this syntax when you have more than one condition, and you want all conditions in the series to be true. For example, if you want to find all of the people that have the first name of John and live in Dallas, you would use:

This statement would find all objects that do not have the first name of John. Notice that the. operator goes directly in front of the argument and inside the argument’s set of parentheses. Because there is only one argument in this statement, it is surrounded with parentheses for illustration.

You use the wildcard operator to represent a value that could be equal to anything. One such situation might be if you wanted to find all objects that have a value for title. You would then use:

To obtain the ADModify tool, contact Microsoft Product Support Services. For more information about how to contact Microsoft Product Support Services, see the Microsoft Help and Support Web site .

To obtain the ADModify tool from a third-party Web site, see the following GotDotNet Web site: ADModify.NET: Workspace Home .

ADModify is a tool that Microsoft Product Support Services uses on a daily basis. With large Active Directory environments, it is not always easy to add an entire organizational unit (OU) that could have thousands of users in it to the list on the right side, and then parse through all of them to find the users you need to change. There is an alternative. On the first screen, choose Modify Existing User Attributes and click Next. On the Modify Active Directory Users screen, there is an Advanced button.

If you click the Advanced button, the Custom LDAP Filter dialog box appears. In this dialog box, you type the LDAP filter that you want to use. In this example, you only want to list the groups that are mail-enabled. It would look like the following.

Next, click OK. Select the OU or the domain where you want ADModify to search. If you want it to look in lower-level containers within the one you selected, make sure to select Traverse Subcontainers when Enumerating Users. Click Add to List. and then click Yes when warned about how long it could take. The objects that meet the criteria you specified should now appear in the right pane.

From here, highlight the objects that you want to modify, and continue with the wizard.

