Announcement

Collapse
No announcement yet.

Export users using ldifde

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Export users using ldifde

    Hi !

    I've many users divide by OUs in my AD. In this situation i created one group where i added the users that i would like to export using idifde command.

    My question is: what command should i wirte in order to export only the users togheter with their attributes (cn, samAccountname, userprinciple name, etc) that belong to that group ?

    I tired many combination with -r objectClass and -l but i couldn't succedd.

    Many thanks,

    Dani

  • #2
    Re: Export users using ldifde

    Hi !

    Nobody can help me, please ?

    Thanks in advance !!

    Comment


    • #3
      Re: Export users using ldifde

      You should use the following syntax for the LDAP filter:

      Code:
      memberOf=<distinguished name of the group>
      i.e.:
      Code:
      "(memberof=CN=Domain Admins,CN=Users,DC=gute,DC=local)"
      Guy Teverovsky
      "Smith & Wesson - the original point and click interface"

      Comment


      • #4
        Re: Export users using ldifde

        Originally posted by guyt View Post
        You should use the following syntax for the LDAP filter:

        Code:
        memberOf=<distinguished name of the group>
        i.e.:
        Code:
        "(memberof=CN=Domain Admins,CN=Users,DC=gute,DC=local)"
        HI !!

        Thanks a lot for you support !

        Comment


        • #5
          Re: Export users using ldifde

          Originally posted by guyt View Post
          You should use the following syntax for the LDAP filter:

          Code:
          memberOf=<distinguished name of the group>
          i.e.:
          Code:
          "(memberof=CN=Domain Admins,CN=Users,DC=gute,DC=local)"
          I have another question: is it possible to filter base on more than one group ?

          To use something like

          "(&(memberof=CN=Domain Admins,CN=Users,DC=gute,DC=local)(memberof=CN=Grou p_Test,OU=Test2,CN=Users,DC=gute,DC=local))"

          Many thanks,

          Dani

          Comment


          • #6
            Re: Export users using ldifde

            Originally posted by varu0612 View Post
            I have another question: is it possible to filter base on more than one group ?

            To use something like

            "(&(memberof=CN=Domain Admins,CN=Users,DC=gute,DC=local)(memberof=CN=Grou p_Test,OU=Test2,CN=Users,DC=gute,DC=local))"
            Sure. If you want to make sure the account is a direct member of both groups, than the syntax is correct. If you want to check whether the account is member of one of the groups, than the syntax is:

            Code:
            (|(memberOf=<DN of group1>)(memberOf=<DN of group2>))
            There is one thing you should be aware of: if the account is a member of a group indirectly (is member of a group, which is a member of the group you are testing) LDAP query like that won't work. The better choice of checking group membership in the case of nesting, is looking at tokenGroups attribute (which is a constructed attribute) that will include the SIDs of the groups the account is member of directly or indirectly (andd yet it won't tell you anything about domain local groups in trusted domains)
            Guy Teverovsky
            "Smith & Wesson - the original point and click interface"

            Comment

            Working...
            X