'Dev_Language/AD'에 해당하는 글 2건

AD에 DirectoryEntry 로 객체를 찾은 후 해당 객체의 member 를 조회할때
보통은 group.properties["member"].value 로 검색을 하여 찾는다.

그런데 해당 member 에 할당된 객체수가 1500 건이 넘어가면 1500건 이상 조회가 되지 않는다.
아래는 1500건이 넘는경우 조회하는 방법이다. 

member 객체수가 1500 이상인 그룹에서 테스트를 해보면 마지막 cnt 값이 1500을 넘는것을 확인 할 수 있을것이다.
위 내용은 MSDN을 참조하였다.

출처: http://msdn.microsoft.com/ko-kr/library/ms180907(v=vs.90).aspx


저작자 표시 비영리 동일 조건 변경 허락
신고
크리에이티브 커먼즈 라이선스
Creative Commons License

WRITTEN BY
WizCody
WizCody 의 Tistory

받은 트랙백이 없고 , 댓글이 없습니다.
secret
- Find all Computers that are NT4.0 BDCs

(&(objectCategory=computer)(operatingSystemVersion=4*)(userAccountControl:1.2.840.113556.1.4.803:=8192))

- Find all Computers that do not have a Description
 Notice the "!" that means "NOT".

(objectCategory=computer)(!description=*)


- Find all Groups that have a Description

(objCategory=group)(description=*)

- Find all Groups that start with QA or HD
Notice the "|" that means "OR".

(objectCategory=group)(|(cn=QA*)(cn=HD*))

- Find all Objects where Department, Company or Description is Sales
Notice the "|" that means "OR".

(|(department=Sales)(company=Sales)(description=Sales))

- Find all Users created after 01.08.2004

(objectCategory=user)(whenCreated>=20040801000000.0Z)

- Find all Users except Sara
Notice the "!" that means "NOT".

(objectCategory=user)(!cn=sara*)

- Find all Users that are almost Locked-Out
Notice the ">=" that means "Greater than or equal to".

(objectCategory=user)(badPwdCount>=2)

- Find all Users that are Disabled

(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))

- Find all Users that are Disabled (another option)

(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))

- Find all Users that are members of QA Users Group in the Help Desk OU in the dpetri.net domain

(objectCategory=user)(memberOf=CN=QA Users,OU=Help Desk,DC=dpetri,DC=net)

- Find all Users that have an E-Mail Address (not Exchange related)

(objectClass=user)(mail=*)

- Find all Users that have an E-Mail attribute (Mail Enabled)

(objectClass=user)(email=*)

- Find all Users that have not changed password since 05.02.2004
Note: Download the datetointeger8.zip script to help you generate this date format.

(&(objectCategory=person)(objectClass=user)(pwdLastSet<=127204308000000000))

- Find all Users that have never logged in at all
Notice the "|" that means "OR" and the "!" that means "NOT".

(&(objectCategory=person)(objectClass=user))(|(lastLogon=0)(!(lastLogon=*)))

- Find all Users that must change password at next logon

(objectCategory=user)(pwdLastSet=0)

- Find all Users with Dial-In permissions

(objectCategory=user)(msNPAllowDialin=TRUE)

- Find all Users with First Name of David

(objectcategory=user)(cn=David*)

- Find all Users with First Name of David or Dana
Notice the "|" that means "OR".

(objectcategory=user)(|(cn=David*)(cn=Dana*))

- Find all Users with Mobile numbers 050 or 051
Notice the "|" that means "OR".

(objectcategory=user)(|(mobile=050*)(mobile=051*))

- Find all Users with Password Never Expires set

(objectcategory=user)(userAccountControl:1.2.840.113556.1.4.803:=65536)

- Find all Users, Groups or Contacts where Company or Description is North
Notice the "|" that means "OR".

(|(objectcategory=user)(objectcategory=group)(objectcategory=contact))(|(description=North*)(company=North*))








신고
크리에이티브 커먼즈 라이선스
Creative Commons License

WRITTEN BY
WizCody
WizCody 의 Tistory

받은 트랙백이 없고 , 댓글이 없습니다.
secret