Searching for Objects in AD

Searching for Objects in AD

Post by Bob Walk » Sat, 21 Dec 2002 07:02:54



Hello folks,

This is my first post for a very long time and apologies if this is a
bit too newbie.

When you do a search for an object in AD and it is found in the
results window, how can you tell which Organization Unit it is in?
e.g. you put a printer HP LJ 4000N in the Sales OU but then you forget
where you put it and you have dozens of OUs.  You do the search and it
comes up but there's no information on what OU it's in.  Am I just
being dumb or what!!!???

 
 
 

Searching for Objects in AD

Post by Richard Muelle » Sat, 21 Dec 2002 11:56:01



>When you do a search for an object in AD and it is found
in the
>results window, how can you tell which Organization Unit
it is in?
>e.g. you put a printer HP LJ 4000N in the Sales OU but
then you forget
>where you put it and you have dozens of OUs.  You do the
search and it
>comes up but there's no information on what OU it's in.  

Hi,

I assume you are using the Find feature in AD Users &
Computers. I don't believe you can get the OU information
there (amazing).

Short of manually searching every OU in AD, you have to
run a VBScript program to find the object and retrieve the
distinguishedName attribute, which includes the OU info. I
think ADO might be the best for this.

If you know the NT logon name (pre-W2k logon name), the
attribute to search is "sAMAccountName". If you know the
common name (also referred to as the Full Name), the
attribute is "cn". Query strings for both situations are
below - select one.

sName = "TestUser"

' Determine DNS domain name.
Set oRoot = GetObject("LDAP://RootDSE")
sDNSDomain = oRoot.Get("DefaultNamingContext")

' Use ADO to search Active Directory.
Set oCommand = CreateObject("ADODB.Command")
Set oConnection = CreateObject("ADODB.Connection")
oConnection.Provider = "ADsDSOObject"
oConnection.Open = "Active Directory Provider"
oCommand.ActiveConnection = oConnection

' If sName is cn, use this query.
sQuery = "SELECT DistinguishedName FROM 'LDAP://" _
  & sDNSDomain & "' WHERE cn = '" & sName &"'"

' If sName is sAMAccountName (NT name), use this query.
sQuery = "SELECT DistinguishedName FROM 'LDAP://" _
  & sDNSDomain & "' WHERE sAMAccountName = '" & sName &"'"

oCommand.CommandText = sQuery
oCommand.Properties("Page Size") = 100
oCommand.Properties("Timeout") = 30
oCommand.Properties("Searchscope") = 2
oCommand.Properties("Cache Results") = False
Set oResults = oCommand.Execute

Do Until oResults.EOF
  sAdsPath = oResults.Fields("DistinguishedName")
  MsgBox "User path: " & sAdsPath
  oResults.MoveNext
Loop

It is possible to find more than one user if you are
searching for cn. You could also find no matches.
sAMAccountName must be unique in the domain, so there can
be at most only one match. Note that the object can be a
uesr, computer, printer, etc.

Richard

 
 
 

Searching for Objects in AD

Post by Jeff » Sat, 21 Dec 2002 23:33:29


When you find the object, right-click >properties and click on the object
tab and it will show you the full path the the AD object.  Make sure in
Active Directory Users and computers you have went up to view and enabled
advanced features or else you won't see the object tab.

Printers however won't show an object tab but typically will have a server
name associated.  Then you can search for that server name(computer object)
and by default the printer will be located under that server.  If this is
the case to see the printer you'll have to enable view> Users, Groups, and
Computers as containers.


Quote:> Hello folks,

> This is my first post for a very long time and apologies if this is a
> bit too newbie.

> When you do a search for an object in AD and it is found in the
> results window, how can you tell which Organization Unit it is in?
> e.g. you put a printer HP LJ 4000N in the Sales OU but then you forget
> where you put it and you have dozens of OUs.  You do the search and it
> comes up but there's no information on what OU it's in.  Am I just
> being dumb or what!!!???

 
 
 

Searching for Objects in AD

Post by Joe Richards [MVP » Sun, 22 Dec 2002 23:32:14


First off this is really the wrong group for this question, this is a
programming group.

Anyway,

You can show the x500 name (DN including OU) by enabling its information to
be displayed in the column selector. In the find window when you have your
result set press ALT-V C. Or click on view and choose columns. Then select
the x500 Distinguished Name.

--
Joe Richards
www.joeware.net
---


Quote:> Hello folks,

> This is my first post for a very long time and apologies if this is a
> bit too newbie.

> When you do a search for an object in AD and it is found in the
> results window, how can you tell which Organization Unit it is in?
> e.g. you put a printer HP LJ 4000N in the Sales OU but then you forget
> where you put it and you have dozens of OUs.  You do the search and it
> comes up but there's no information on what OU it's in.  Am I just
> being dumb or what!!!???

 
 
 

1. Search filter for changed objects in ADS

Hi,

Problem:
USNChanged value for users and groups.
============================

If group a group "Group A" contains 10 users/members
and then I remove one user/member from that group.

Then query for the USNChanged value for the
objectClass=group and objectClass=user objectCategory = organizationalPerson
objectCategory=person.
The LDAP query filter only returns the group.

But inreality the user also has a change in his/her memberof property why is
the user not returns for the query
as a result.
Is it because "memberof" is one of  MS implimentaion rather than LDAP?

YTS

2. HELP Aztech PCI 56K V90 ITU & K56Flex

3. global catalog and searching for AD objects

4. moving code to unix

5. Authentication and AD objects.

6. Miracle Herbal Smoking Cure 100% guaranteed to work

7. Search object error

8. alpha-beta pruning

9. Searching for deleted objects

10. is there a way to count all AD objects very fast?

11. VB.NET: Can't access the properties of multiple AD objects at a time

12. AD Object picker.

13. Binding AD only for spesific object attributes returns more than specified......