KIXKicksKIXKicks
Starting to like KiXtart
Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
We have separated out our user accounts in Active Directory into different OUs (Normal Network Users remain in the Users OU, Shopfloor Accounts are in a different OU, and there are others).
Our code is hardcoded to the Users OU, can it be made to search all OUs?
The commented out line works but only for the Network Users in the Users OU.
Glenn BarnasGlenn Barnas KiX Supporter
Registered: 2003-01-28
Posts: 4396
Loc: New Jersey
The "Users OU" isn't an OU, it's a container. That's why it isn't recommended to place user objects there. We generally create a root OU, with a Users OU, and then sub-OUs for different types of accounts. Allows global searches from "OU=Users,OU=MyCompany,DC=domain" or specific searches by specifying an additional OU level. I don't believe that you can mix OUs and containers in a single LDAP query.
Glenn
_________________________ Actually I am a Rocket Scientist!
Glenn BarnasGlenn Barnas KiX Supporter
Registered: 2003-01-28
Posts: 4396
Loc: New Jersey
Cool - FYI - I just created a GetLDAPData UDF to my site. It is a front-end to fnLDAPQuery that returns a single-dimension array of users, groups, computers, OUs, or Sites from AD. You can specify a starting path (OU=Special Accounts,) and a qualifier (EU*) to limit the results, but it defaults to all objects found from the root, down. Might be helpful. The single-dim array is easier to work with than the array of arrays returned by fnLDAPQuery. There are a couple of LDAP and OU search UDFs on the site.
Glenn
_________________________ Actually I am a Rocket Scientist!
