Querying AD with the LIKE operator

TheMSsForum.com: The Microsoft Software Forum

I have a weird problem querying AD for computer accounts.

I am trying to query AD for any computer in any OU that contains "server" in
the name of the OU.

EG: CN=cdecitrix9,OU=CAN,OU=!Citrix,OU=Servers,DC=MyDomain,DC=com
CN=abccwrk1,OU=CAN,OU=Servers,DC=MyDomain,DC=com

We have several nested OU's that I need to enumerate.

Here code that searches the "name" attribute of AD computers:
'<><><><><><><><><><><><><><><><><><><><><><>
Const ADS_SCOPE_SUBTREE = 2

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = "Select distinguishedName,Name from
'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and name =
'*MyComp*'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst

Do Until objRecordSet.EOF
Wscript.Echo objRecordSet.Fields("distinguishedName").Value
objRecordSet.MoveNext
Loop
'<><><><><><><><><><><><><><><><><><><><><><>

The above looks (starting at the root of the domain) for computers that have
the string "MyComp" somewhere in their name. The above script works as
expected.

If I change the query command to:

objCommand.CommandText = "Select distinguishedName,Name from
'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and
distinguishedName = '*MyComp*'"

It doesn't work. You would think "distinguishedName" would return the same
set of computers but it only returns and empty data set.

Any ideas?

Thanks,

Dan
Top

Re: Querying AD with the LIKE operator by Richard

Richard
Fri Jul 22 19:36:02 CDT 2005

Hi,

Wildcards are not allowed when filtering/querying on distinguishedName. Only
exact matches are recognized. This is true of any attribute with "DN"
syntax.

--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab web site - http://www.rlmueller.net
--
"Dan White" <Dan.White@Spam.All.You.Want.com> wrote in message
news:e922DOwjFHA.3656@TK2MSFTNGP09.phx.gbl...
> I have a weird problem querying AD for computer accounts.
>
> I am trying to query AD for any computer in any OU that contains "server"
in
> the name of the OU.
>
> EG: CN=cdecitrix9,OU=CAN,OU=!Citrix,OU=Servers,DC=MyDomain,DC=com
> CN=abccwrk1,OU=CAN,OU=Servers,DC=MyDomain,DC=com
>
> We have several nested OU's that I need to enumerate.
>
> Here code that searches the "name" attribute of AD computers:
> '<><><><><><><><><><><><><><><><><><><><><><>
> Const ADS_SCOPE_SUBTREE = 2
>
> Set objConnection = CreateObject("ADODB.Connection")
> Set objCommand = CreateObject("ADODB.Command")
> objConnection.Provider = "ADsDSOObject"
> objConnection.Open "Active Directory Provider"
>
> Set objCommand.ActiveConnection = objConnection
> objCommand.CommandText = "Select distinguishedName,Name from
> 'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and name =
> '*MyComp*'"
> objCommand.Properties("Page Size") = 1000
> objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
> Set objRecordSet = objCommand.Execute
> objRecordSet.MoveFirst
>
> Do Until objRecordSet.EOF
> Wscript.Echo objRecordSet.Fields("distinguishedName").Value
> objRecordSet.MoveNext
> Loop
> '<><><><><><><><><><><><><><><><><><><><><><>
>
> The above looks (starting at the root of the domain) for computers that
have
> the string "MyComp" somewhere in their name. The above script works as
> expected.
>
> If I change the query command to:
>
> objCommand.CommandText = "Select distinguishedName,Name from
> 'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and
> distinguishedName = '*MyComp*'"
>
> It doesn't work. You would think "distinguishedName" would return the same
> set of computers but it only returns and empty data set.
>
> Any ideas?
>
> Thanks,
>
> Dan
>
>


Top

Re: Querying AD with the LIKE operator by Dan

Dan
Mon Jul 25 09:10:07 CDT 2005

I guess I will just have to return all computers then parse them out.
Thanks!

Dan
"Richard Mueller [MVP]" <rlmueller-NOSPAM@ameritech.NOSPAM.net> wrote in
message news:u46Kd8xjFHA.3608@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> Wildcards are not allowed when filtering/querying on distinguishedName.
Only
> exact matches are recognized. This is true of any attribute with "DN"
> syntax.
>
> --
> Richard
> Microsoft MVP Scripting and ADSI
> Hilltop Lab web site - http://www.rlmueller.net
> --
> "Dan White" <Dan.White@Spam.All.You.Want.com> wrote in message
> news:e922DOwjFHA.3656@TK2MSFTNGP09.phx.gbl...
> > I have a weird problem querying AD for computer accounts.
> >
> > I am trying to query AD for any computer in any OU that contains
"server"
> in
> > the name of the OU.
> >
> > EG: CN=cdecitrix9,OU=CAN,OU=!Citrix,OU=Servers,DC=MyDomain,DC=com
> > CN=abccwrk1,OU=CAN,OU=Servers,DC=MyDomain,DC=com
> >
> > We have several nested OU's that I need to enumerate.
> >
> > Here code that searches the "name" attribute of AD computers:
> > '<><><><><><><><><><><><><><><><><><><><><><>
> > Const ADS_SCOPE_SUBTREE = 2
> >
> > Set objConnection = CreateObject("ADODB.Connection")
> > Set objCommand = CreateObject("ADODB.Command")
> > objConnection.Provider = "ADsDSOObject"
> > objConnection.Open "Active Directory Provider"
> >
> > Set objCommand.ActiveConnection = objConnection
> > objCommand.CommandText = "Select distinguishedName,Name from
> > 'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and name =
> > '*MyComp*'"
> > objCommand.Properties("Page Size") = 1000
> > objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
> > Set objRecordSet = objCommand.Execute
> > objRecordSet.MoveFirst
> >
> > Do Until objRecordSet.EOF
> > Wscript.Echo objRecordSet.Fields("distinguishedName").Value
> > objRecordSet.MoveNext
> > Loop
> > '<><><><><><><><><><><><><><><><><><><><><><>
> >
> > The above looks (starting at the root of the domain) for computers that
> have
> > the string "MyComp" somewhere in their name. The above script works as
> > expected.
> >
> > If I change the query command to:
> >
> > objCommand.CommandText = "Select distinguishedName,Name from
> > 'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and
> > distinguishedName = '*MyComp*'"
> >
> > It doesn't work. You would think "distinguishedName" would return the
same
> > set of computers but it only returns and empty data set.
> >
> > Any ideas?
> >
> > Thanks,
> >
> > Dan
> >
> >
>
>


Top

Re: Querying AD with the LIKE operator by Dan

Dan
Mon Jul 25 14:39:14 CDT 2005

Richard, Is it possible to run a select statement against the record set
before stepping through the results?

Thanks,

Dan
"Dan White" <Dan.White@Spam.All.You.Want.com> wrote in message
news:%23TnsQKSkFHA.3336@tk2msftngp13.phx.gbl...
> I guess I will just have to return all computers then parse them out.
> Thanks!
>
> Dan
> "Richard Mueller [MVP]" <rlmueller-NOSPAM@ameritech.NOSPAM.net> wrote in
> message news:u46Kd8xjFHA.3608@TK2MSFTNGP12.phx.gbl...
> > Hi,
> >
> > Wildcards are not allowed when filtering/querying on distinguishedName.
> Only
> > exact matches are recognized. This is true of any attribute with "DN"
> > syntax.
> >
> > --
> > Richard
> > Microsoft MVP Scripting and ADSI
> > Hilltop Lab web site - http://www.rlmueller.net
> > --
> > "Dan White" <Dan.White@Spam.All.You.Want.com> wrote in message
> > news:e922DOwjFHA.3656@TK2MSFTNGP09.phx.gbl...
> > > I have a weird problem querying AD for computer accounts.
> > >
> > > I am trying to query AD for any computer in any OU that contains
> "server"
> > in
> > > the name of the OU.
> > >
> > > EG:
CN=cdecitrix9,OU=CAN,OU=!Citrix,OU=Servers,DC=MyDomain,DC=com
> > > CN=abccwrk1,OU=CAN,OU=Servers,DC=MyDomain,DC=com
> > >
> > > We have several nested OU's that I need to enumerate.
> > >
> > > Here code that searches the "name" attribute of AD computers:
> > > '<><><><><><><><><><><><><><><><><><><><><><>
> > > Const ADS_SCOPE_SUBTREE = 2
> > >
> > > Set objConnection = CreateObject("ADODB.Connection")
> > > Set objCommand = CreateObject("ADODB.Command")
> > > objConnection.Provider = "ADsDSOObject"
> > > objConnection.Open "Active Directory Provider"
> > >
> > > Set objCommand.ActiveConnection = objConnection
> > > objCommand.CommandText = "Select distinguishedName,Name from
> > > 'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and name =
> > > '*MyComp*'"
> > > objCommand.Properties("Page Size") = 1000
> > > objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
> > > Set objRecordSet = objCommand.Execute
> > > objRecordSet.MoveFirst
> > >
> > > Do Until objRecordSet.EOF
> > > Wscript.Echo objRecordSet.Fields("distinguishedName").Value
> > > objRecordSet.MoveNext
> > > Loop
> > > '<><><><><><><><><><><><><><><><><><><><><><>
> > >
> > > The above looks (starting at the root of the domain) for computers
that
> > have
> > > the string "MyComp" somewhere in their name. The above script works as
> > > expected.
> > >
> > > If I change the query command to:
> > >
> > > objCommand.CommandText = "Select distinguishedName,Name from
> > > 'LDAP://DC=MyDomain,DC=com' where objectClass='computer' and
> > > distinguishedName = '*MyComp*'"
> > >
> > > It doesn't work. You would think "distinguishedName" would return the
> same
> > > set of computers but it only returns and empty data set.
> > >
> > > Any ideas?
> > >
> > > Thanks,
> > >
> > > Dan
> > >
> > >
> >
> >
>
>


Top