After taking on a call to export contact information from the AD I thought it would be pertinent to put it on the blog roll….Just so everyone can share in the wonder of win2k3 and the CLI….
Basically a Department wanted names, telephone numbers, and email addresses of AD Accounts. The issue being that an external partner use a different LDAP to Win2k3 AD…they use Planet-LDAP.
Since Win2k3 uses user authentication to allow searches of the AD any LDAP service that connects to it must do the sam…I looked at some fairly complicated methods of extraction before I had an epiphany!!!!!
The answer was this
dsquery user “distinguished Name of users OU” -limit 0 | dsget user -display -tel -email > output_path_filename.txt
Normally when I use dsquery and dsget I’m looking for a single attribute like -dn (distinguished name) or something…so this brings home the point that you can return several attributes from the AD object with one query
So the first section
dsquery user “distinguished Name of users OU” -limit 0
connects the query to the AD and to a specific OU, now the second part after the pipe “|” does the final query
dsget user -display -tel -email
and voila… here is the info that is needed…less the huge LDAP path too…which could have been included if we really wanted to be a smarty pants!
And it puts all the returned information in a text file with 3 appropriately named columns too…OUTSTANDING!
So to summarise it was quite simple…DSQUERY to connect to the OU containing user objects and DSGET to retrieve information from the objects…and as much information as you can get in ONE query…then redirect it to a text file…by the way there is a limit to how many lines the AD will return from the DSQUERY command so if you want a full listing -limit 0 will stop the limitation.
And to be even more slick put that in a CMD file and put a chron job on it and you can get the info once a week, once a month…or…whenever!!!!!
No comments:
Post a Comment