4 Replies Latest reply on Oct 15, 2019 1:24 AM by helmi1987

    search for AD user with LDAP search string

    mschubi Enthusiast
    vExpert

      Hello,

       

      is there a way to use LDAP search strings with vCO/vRO AD Plugin to find users?

      ActiveDirectory.searchRecursively(string,string) doesn't do the job :-(

       

      best regards,

      Mike

        • 1. Re: search for AD user with LDAP search string
          kericmiles Novice

          Currently there isn't, the search functions only use the name of the object.

          • 2. Re: search for AD user with LDAP search string
            schepp Virtuoso
            vExpertUser Moderators

            Hi Mike,

             

            how do you want to find your users?

             

            I can locate users in my AD with:

             

            ActiveDirectory.searchRecursively("User",input);

             

             

            Where input is part of the username.

             

             

            Tim

            • 3. Re: search for AD user with LDAP search string
              mschubi Enthusiast
              vExpert

              Hi Tim,

               

              I would like to search with LDAP search filters.

               

              Example:

               

              (&(objectClass=user)(| (cn=mike*)(cn=steve*)(cn=foo*)))  ---> all users where steve, mike or foo in Name

               

              (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))  ---> all disabled Users

               

              A test with ActiveDirectory.search, ActiveDirectory.searchRecursively gets no results. In my opinion all these functions build LDAP strings with the search string.

               

              I am wondering that an AD Class doesn't support LDAP filter search.....

               

              best regards,

              Mike

              • 4. Re: search for AD user with LDAP search string
                helmi1987 Novice

                This entry is a bit older, but here's my action with an LDAP filter:

                 

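                // Placeholder: the SID string of the object to look up
                var adObjectSID = "ObjectSID from ActiveDirectory";

                // LDAP filter matching the object by its SID
                var sIDQuery = "(&(objectSID=" + adObjectSID + "))";

                // Derive the base DN from the last two components of the first domain
                // controller's distinguished name (this assumes a two-label domain)
                var splitedDistinguishedName = ActiveDirectory.getAllDomainControllerComputers()[0].distinguishedName.split(",");
                var n = splitedDistinguishedName.length - 1;
                var baseDN = splitedDistinguishedName[n-1] + "," + splitedDistinguishedName[n];

                // Subtree search from the base DN using the filter
                var adObjectBySID = ActiveDirectory.searchForEntry(baseDN, LdapSearchScope.SUB, 5, sIDQuery, null);

                // Return the entry if one was found, otherwise fail the action
                if (adObjectBySID != null) {
                    return adObjectBySID;
                } else {
                    throw "SID not Found in ActiveDirectory Plugin";
                }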
                

                 

                Greetings Helmi

                1 person found this helpful
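
Added example, not part of the thread and not code from the AD plugin: the filters in replies 3 and 4 are assembled by string concatenation, so any value placed into them should be escaped per RFC 4515 or validated first, otherwise a name containing `(`, `)`, `*` or `\` changes or breaks the filter. The helper names and the SID pattern are assumptions made for this example; the resulting string is what would be passed as the filter argument of ActiveDirectory.searchForEntry as in reply 4.

```javascript
// ES5 syntax only, so the same functions can be pasted into a vRO action.

// Escape a value for use inside an LDAP filter assertion (RFC 4515):
// \ * ( ) and NUL are replaced by a backslash and their two-digit hex code.
function escapeLdapFilterValue(value) {
    return String(value).replace(/[\\*()\u0000]/g, function (ch) {
        var hex = ch.charCodeAt(0).toString(16);
        return "\\" + (hex.length < 2 ? "0" + hex : hex);
    });
}

// Build (&(objectClass=user)(|(cn=a*)(cn=b*)...)) from a list of name prefixes.
// The trailing wildcard is added here and never taken from the input.
function buildUserPrefixFilter(prefixes) {
    if (!prefixes || prefixes.length === 0) {
        throw new Error("at least one name prefix is required");
    }
    var clauses = [];
    for (var i = 0; i < prefixes.length; i++) {
        clauses.push("(cn=" + escapeLdapFilterValue(prefixes[i]) + "*)");
    }
    return "(&(objectClass=user)(|" + clauses.join("") + "))";
}

// Assumed pattern for the string form of a SID: S-1-<authority>-<sub-authorities>.
var SID_PATTERN = /^S-1-\d+(-\d+){1,15}$/;

// Build the SID lookup filter, rejecting anything that is not a SID string
// so that no other characters can reach the filter.
function buildSidFilter(sid) {
    if (!SID_PATTERN.test(String(sid))) {
        throw new Error("not a valid SID string");
    }
    return "(objectSid=" + sid + ")";
}

// Constructed sample input: the names from reply 3 plus one with parentheses.
var sampleNameFilter = buildUserPrefixFilter(["mike", "steve", "mike (ext)"]);
// Constructed sample SID, not taken from any real directory.
var sampleSidFilter = buildSidFilter("S-1-5-21-1111111111-2222222222-3333333333-1104");
```
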