LDAP search filter for Active Directory

Solution 1:

It is not possible to use a different filter. A user account has no attribute containing the domain name, so you cannot construct a query with the domain as a parameter.

In Active Directory, the LDAP service contains only information from the domain for which the DC is a controller. If you have trusts with other domains in the forest, to get information about a user from a different domain you should contact the LDAP service of that domain.

Proper solution: discard the domain name from the search filter. The sAMAccountName attribute is unique within a domain.
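
The approach in Solution 1, worked through as an added example that is not part of either answer: the domain part of a login only selects which domain's LDAP service and base DN to query, and the account name is escaped per RFC 4515 before it goes into the sAMAccountName filter. It also accepts the user@domain form, which the answer does not mention. The NetBIOS-to-DNS table, the default domain and all function names are assumptions made for illustration.

```python
import re

# Constructed sample data (assumption): NetBIOS name -> DNS name of the domain to query.
NETBIOS_TO_DNS = {"CORP": "corp.example.com", "LAB": "lab.example.com"}
DNS_LABEL = re.compile(r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves in a filter assertion value."""
    return "".join(
        "\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value
    )


def split_login(login):
    """Split 'DOMAIN\\user' or 'user@domain' into (domain or None, account)."""
    if "\\" in login:
        domain, account = login.split("\\", 1)
    elif "@" in login:
        # Assumption: the part after '@' is the DNS name of the account's domain.
        account, domain = login.rsplit("@", 1)
    else:
        domain, account = "", login
    if not account:
        raise ValueError("empty account name")
    return domain or None, account


def base_dn(dns_domain):
    """Turn 'corp.example.com' into 'dc=corp,dc=example,dc=com'."""
    labels = dns_domain.split(".")
    if not all(DNS_LABEL.fullmatch(label) for label in labels):
        raise ValueError("not a DNS domain name: %r" % dns_domain)
    return ",".join("dc=" + label for label in labels)


def plan_search(login, default_domain="corp.example.com"):
    """Return (dns_domain, base_dn, filter); the domain never enters the filter."""
    domain, account = split_login(login)
    if domain is None:
        dns_domain = default_domain
    else:
        dns_domain = NETBIOS_TO_DNS.get(domain.upper(), domain).lower()
    search_filter = "(sAMAccountName=%s)" % escape_filter_value(account)
    return dns_domain, base_dn(dns_domain), search_filter
```

The first element of the result is the domain whose LDAP service should be contacted; the other two are the search base and the filter to send to it.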

Solution 2:

If you are on a *nix box, use the OpenLDAP utilities and the search is simple. Example:

ldapsearch -h servername -b "dc=domain,dc=com" -D [email protected] -W -x sAMAccountName=username

userPrincipalName: [email protected]

I am not sure if you can use regex inside the filter. Write a script that dumps the output to a file and implement regex.