Home > Others

Using ldp.exe to find data in the Active Directory

Source: Internet
Author: User
Tags ldap
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Using ldp.exe to find data in the active directorythis article applies to Windows 2000. Support for Windows 2000 ends on July 13,201 0.The Windows 2000 end-of-Support Solution Center (http://support.microsoft.com /? SCID = http % 3A % 2f % 2fsupport.microsoft.com % 2fwin2000) is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft support lifecycle Policy (http://support.microsoft.com/lifecycle/). Notice

This article applies to Windows 2000.Support for Windows 2000 ends on July 13,201 0.The Windows 2000 end-of-Support Solution Center (http://support.microsoft.com /? SCID = http % 3A % 2f % 2fsupport.microsoft.com % 2fwin2000) is a starting point for planning your migration strategy from Windows 2000. for more information see the Microsoft support lifecycle Policy (http://support.microsoft.com/lifecycle/) .ldp.exe is a Windows 2000 Support Tools utility you can use to perform lightweig...

Ldp.exe is a Windows 2000 Support Tools utility you can use to perform Lightweight Directory Access Protocol (LDAP) searches against the Active Directory for specific information given search criteria. this also allows administrators to query data that wowould otherwise not be visible through the Administrative Tools defined in the product. all data that is returned in LDP queries, however, is subject to security permissions.

If you have already determined the name of the attribute to be used in the search, refer to the section "searching the Active Directory for specific information" below. otherwise, you need to determine the name of the attribute that correlates to the data to be used as the search criteria. to determine this, first follow the procedures in the section "determining the name of the attribute to be used in the search ".

Determining the name of the attribute to be used in the search Insert the window...

Determining the name of the attribute to be used in the search


  1. Insert the Windows 2000 CD-ROM and open the windows 2000 Support Tools kit. From \ support \ tools, run setup.exe. This INSTALLThe Support Tools kit, which in turn installldp.
  2. OnConnectionMenu, clickConnect.
  3. Type in the server name of a domain controller in the enterprise, verify thatPortSetting is set to 389, click to clearConnectionlessCheck box, and then clickOK. Once the connection is complete, server-specific data is displayed in the right pane.
  4. OnConnectionMenu, clickBind. Type the user name, password, and domain name (in DNS format) in the appropriate boxes (you may need to selectDomainCheck box), and then clickOK. If the binding is successful, you shoshould receive a message similar to "authenticated as DN: 'youruserid'" in the right pane.
  5. OnBrowseMenu, clickSearch.
  6. TheBase DNIs the starting point in the Active Directory hierarchy at which your search will begin. InBase DNBox, typeCN = schema, Cn = configuration, Dc =Mydomain, Dc =Com

    ReplacingMydomainAndComWith the appropriate domain name. Note: The domain name for the base DN when searching the schema will always be for the root domain of the forest.

  7. InFilterBox, type(Admindescription = *Yourtexthere*)

    ReplacingYourtexthereWith a keyword that might describe the attribute you are looking.

    Or, Type

    (Admindisplayname = *Yourtexthere*)

    ReplacingYourtexthereWith a part of the name of the attribute as it is displayed in the administrative tools (e.g. Entering "office" wocould return the attribute "physicaldeliveryofficename ".)

    Or, Type

    (Ldapdisplayname = *Yourtexthere*)

    ReplacingYourtexthereWith a part of the name of the attribute as used in LDAP queries, if you know it.

  8. InScopeFrame, clickSubtree.
  9. ClickOptions. InAttributesBox, typeLdapdisplayname.
  10. Accept all other defaults, clickOKAnd then clickRun. After the query completes, the distinguished name (DN) of the object (s) found and the value ofLdapdisplaynameAttribute (now used in turn to search for data) of each are displayed in the right pane.

    For example, doing a search on any attributes that have the text "office" in the "admindisplayname" wocould yield the following output:

    * ** Searching... ldap_search_s (LD, "cn = schema, Cn = configuration, Dc = mydomain, Dc = com", 2, "(admindisplayname = * Office *)", attrlist, 0, & MSG)
    Result <0>: (null)
    Matched DNS:
    Getting 3 entries:
    > Dn: Cn = phone-office-other, Cn = schema, Cn = configuration, Dc = mydomain, Dc = COM1> ldapdisplayname: othertelephone;

    > Dn: Cn = physical-delivery-office-name, Cn = schema, Cn = configuration, Dc = mydomain, Dc = COM1> ldapdisplayname: physicaldeliveryofficename;

    > Dn: Cn = post-office-box, Cn = schema, Cn = configuration, Dc = mydomain, Dc = COM1> ldapdisplayname: postofficebox;

Searching the Active Directory for specific information

Once the attribute name has been determined, either specified in documentation or by using the procedure outlined above in the section "determining the name of the attribute to be used in the search ", you can use the following steps to find objects in the Active Directory that meet the criteria you are looking.

The name of the attribute (ldapdisplayname) is used in queries to determine which objects shoshould be returned based on meeting criteria supplied by the user.

  1. Run ldp.exe from the support \ reskit \ netmgmt \ dstool folder on the retail Windows 2000 CD-ROM.
  2. OnConnectionMenu, clickConnect.
  3. Type in the server name of a domain controller in the enterprise, verify thatPortSetting is set to 389, click to clearConnectionlessCheck box, and then clickOK. Once the connection is complete, server-specific data is displayed in the right pane.
  4. OnConnectionMenu, clickBind. Type the user name, password, and domain name (in DNS format) in the appropriate boxes (you may need to selectDomainCheck box), and then clickOK. If the binding is successful, you shoshould receive a message similar to "authenticated as DN: 'youruserid'" in the right pane.
  5. OnBrowseMenu, clickSearch.
  6. TheBase DNIs the starting point in the Active Directory hierarchy at which your search will begin. InBase DNBox, typeDc =Mydomain, Dc =Com

    ReplacingMydomainAndComWith the appropriate domain name to search for objects such as users, computers, contacts, groups, file volumes, and printers.

    Or, Type

    CN = configuration, Dc =Mydomain, Dc =Com

    ReplacingMydomainAndComWith the appropriate domain name to search the configuration partition of the Active Directory which provided des such objects such as sites, subnets, site links, site link bridges, and forest structure.

    Or, Type

    CN = schema, Cn = configuration, Dc =Mydomain, Dc =Com

    ReplacingMydomainAndComWith the appropriate domain name to search the schema partition of the Active Directory which provided des the classes and attributes defined for the Forest of which the domain controller is a member.

  7. InFilterBox, type(Attributename= *Yourtexthere*)

    ReplacingAttributenameWith the name of the attribute (as defined by ldapdisplayname) and replacingYourtexthereWith the search criteria such as in the following examples :( physicaldeliveryofficename = * seattle *)

    Or, (badpwdcount = 1)

  8. InScopeFrame, clickSubtree.
  9. ClickOptions. InAttributesBox, type the name of each of the attributes that shoshould be displayed for each object found that meets the specified criteria separated by semicolons.

    For example, by requesting that all objects (users intended in this example) whose "physicaldeliveryofficename" contains "Seattle ", display the user profile path and logon script path of each of the users (or other object types) found. the following wocould be entered in the attributes box: profilepath; scriptpath

  10. Accept all other defaults, clickOKAnd then clickRun. After the query completes, the distinguished name (DN) of the object (s) found and the value of the each of the attributes specified are displayed in the right pane.

    An example of the output wocould be as follows:

    * ** Searching...
    Ldap_search_s (LD, "DC = mydomain, Dc = com", 2, "(physicaldeliveryofficename = * seattle *)", attrlist, 0, & MSG)
    Result <0>: (null)
    Matched DNS:
    Getting 2 entries:
    > Dn: Cn = user1, Cn = users, Dc = mydomain, Dc = COM1> profilepath: \ w2k-dc-01 \ profiles \ user1;
    1> scriptpath: users. vbs;

    > Dn: Cn = user2, Cn = users, Dc = mydomain, Dc = COM1> profilepath: \ w2k-dc-01 \ profiles \ user2;
    1> scriptpath: users. vbs;

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
find sid in active directory users and computers how to create gpo in active directory where to find pages in wordpress directory how to create exchange mailbox in active directory mmc snap in active directory find file in directory how to find data type in r

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More