| Author |
Message |
|
|
Yes, you can mass delete attribute with LDAP ADmin Tool.
To delete an attribute you set them to null using sql statement.
e.g.
update ou=MemberGroupB,o=stooges set carLicense=null
The above statement will find all the entries under the ou=MemberGroupB,o=stooges and will update their carlicense value to null or in other word it will delete the attribute.
|
 |
|
|
|
For openldap please check the box 'Force binary when saving to directory' (Certificate Editor), also please note that it will store the value in userCertificate;binary attribute.
|
|
|
|
|
Please download version 4.4. In version 4.4 ObjectSid and ObjectGuid values are converted.
|
|
|
|
AD Admin & Reporting tool supports pagination which lets you export more than 1000 records from AD.
If you are unable to export more than 1000 records AD may be missing required controls, in that case try the following:
1. Modify the sql so that it runs at the immediate container level and not on RootDSE (Try second option if this does not work).
2. Increase MaxPageSize (http://support.microsoft.com/kb/315071) and disable Enable Ldap Paged Result control from Preference|General (Last check box)
|
|
|
|
For a few values use the File/Hex dialog and save the values as file -- click on attribute -- right click select edit value with .. -- select File/Hex Dialog.
Double click the attribute -- click on the button -- click save to file.
For a larger number of records, use LDIF export to export binary/hex values. The exported values will be base64 encoded so you will have to decode them.
|
|
|
|
Try exporting in csv format and open the file in excel.
|
|
|
|
What is the error, if you are getting Heap Size error?
Download the Java version of the LDAP Reporting Tool as java version handles memory more effectively because of the underlying jvm.
Click on the following url, download and install, it will go on top of the current install (you don't have to uninstall), if you don't have Java installed, program will prompt you to install java/jre and will open the download page. After downloading java/jre click the Ldap Reporting Tool shortcut to launch the application.
http://www.ldapclient.com/downloads4/LdapAdminReportingTool-4.0.1.x-winJ-x86-Setup.msi
|
|
|
|
|
Unfortunately you can't add custom reports and run them from reports menu but you can save and run custom reports from sql window (To open sql window click the SQL button on toolbar).
|
|
|
|
For Distribution Group follow all the steps mentioned above but change the step2 sql to following:
Select cn,member from RootDSE where objectClass=group and (groupType:1.2.840.113556.1.4.804:!=2147483648 or sAMAccountType=268435457) subtreescope
For security groups follow all the steps mentioned above but change the step2 sql to following:
Select cn,member from RootDSE where objectClass=group and groupType:1.2.840.113556.1.4.804:=2147483648 subtreescope
|
|
|
|
Please follow the following steps for a printable list of groups and their members from Active Directory
1. Open AD Admin and reporting tool and connect to Active Directory
2. Click on the SQL button (top tool bar), copy and paste (top panel) the following statement
Select cn,member from RootDSE where objectClass=group subtreescope
3. Click on the Export button and select Excel Export
4. Uncheck ExportDN and Export Operational Attributes (Middle right)
5. Provide the file name and click Export
-------------Version 4.2+ skip to step 8 ---------------------------
6. Open the exported file - click Tool --> Macro --> Macro -- Enter a name for Macro (any name) and Click Create Button
7. Replace the text in the window with
Sub ReplaceTags2()
Dim c As Range
For Each c In ActiveCell.CurrentRegion.Cells
c.Value = Application.WorksheetFunction.Substitute(c, "|", Chr(10))
Next
End Sub
click Run button (Tool Bar)
------------------------------------------------------------------------------------
8. Select all row and columns (click top left header) copy and paste it to word.
Word will show all row text as excel has a row height limit.
|
|
|
|
Please follow the following steps for a printable group members export from Active Directory
1. Open AD Admin and reporting tool and connect to Active Directory
2. Click on the SQL button (top tool bar), copy and paste (top panel) the following statement
Select cn,memberOf from RootDSE where objectCategory='person' and objectClass='user' and sAMAccountType!=805306370 subtreescope
3. Click on the Export button and select Excel Export
4. Uncheck ExportDN and Export Operational Attributes (Middle right)
5. Provide the file name and click Export
-------------Version 4.2+ skip to step 8 ---------------------------
6. Open the exported file - click Tool --> Macro --> Macro -- Enter a name for Macro (any name) and Click Create Button
7. Replace the text in the window with
Sub ReplaceTags2()
Dim c As Range
For Each c In ActiveCell.CurrentRegion.Cells
c.Value = Application.WorksheetFunction.Substitute(c, "|", Chr(10))
Next
End Sub
click Run button (Tool Bar)
-------------------------------------------------------------------------------------------
8. Select all row and columns (click top left header) copy and paste it to word.
Word will show all row text as excel has a row height limit.
|
|
|
|
>We are attempting to use this tool to extract LDAP data from both Novell and Windows based systems. For the Novell systems, we have a command file created that executes a saved task definition. My first question is how do I know what order the queried columns are coming back in? I am still verifying this, but it seems as if the column order is inconsistent from one run to another.
It is not possible to determine the order of columns because LDAP does not return columns with null values
For example
Entry A has two columns with values cn and sn
Entry B has three columns with values cn, sn and description
Entry C has three columns with values cn, sn and company
If the entries are returned from LDAP in the order A,B and C the exported file will have columns in the following order
cn,sn,description and company
If the entries are returned from LDAP in the order A,C and B the exported file will have columns in the following order
cn,sn,company and description
If you are feeding the exported files to another system, let other system read the columns first before exporting or sort the excel using a macro before feeding to another system.
>My second question has to do with the paging in Windows Active Directory, and the lack of paging in a Novell environment. From an attended operation standpoint, I can make both of these work. However, I do not see a way to configure the "Enable Ldap Paged Result Control" and the "Max Page Size" settings in a way that would allow me to run this is an unattended mode. Is there a command line switch or registry setting, or some other method that could be used to set that value at the invocation of the program?
Enable LDAP Page Result Control is a global parameter and cannot be set/reset with command line. Install LDAP Admin Tool under two different users (Network/Local users) one with Paging enabled and other with Paging disabled.
|
|
|
|
Q1. Is there a way to do a 'full' refresh of the LDAP query when I make changes to object in my Windows AD domain? I notice that it takes very long for the changes to come up after I make object changes in Windows AD. I hit 'refresh', but it doesn't seem to refresh anything.
You can try following options:
* Try Refreshing at the RootDSE level (Right click menu -> Click Refresh)
or else -- try refreshing the connection, Click on the Connection Tab -> right click menu --> Reconnect..
and then Try Refreshing at the RootDSE level (Right click menu -> Click Refresh)
Q2. We have observed the behaviour you mentioned with Vista, it is the OS - hopefully it will be fixed by MS in the next service pack or Windows 7.
We haven't observed this behaviour with any other OS except Vista -- We are working on finding a fix for it.
|
|
|
|
--------From Live Chat--------------------
Aaron says:
Good yourself?
support says:
Good, How can I help you today
Aaron says:
I have a question on the LDAP admin tool, it is about doing exports. When exporting to a .csv file the export throws an error at anything over 1000 records. An LDIF export will work fine and export everything, any thoughts?
support says:
error message?
Aaron says:
LDAPException: Unwilling To Perform (53)
Aaron says:
it also throws this on an excel export over 1000 records
support says:
are u connected to AD?
Aaron says:
no Edir Novell
support says:
try decreasing the page size
support says:
Options| Preferences | General Tab
support says:
Set the Max Page Size to 500
Aaron says:
it is on 1000 what do you suggest I decrease it too?
Aaron says:
nm
support says:
to 500 and try again
Aaron says:
that stopped it at 500, should I increase it or just turn paging off? The directory contains around 10,000 users
support says:
disable it and try again
Aaron says:
I did, it appears to be working now, record 6500 and counting
support says:
cool
Aaron says:
Thanks.
support says:
Thanks, have a good day
Aaron says:
you too
|
|
|
|
We have discontinued LDAPSoft LDAP Browser product.
In future we may offer LDAP Admin Tool Lite (free version) but the final decision in this regard is still pending.
Thanks
|
|
|
|
![[Search]](/forum/templates/default/images/icon_mini_search.gif){kind=icon}
![[Register]](/forum/templates/default/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/default/images/icon_mini_login.gif){kind=icon}
Login![[Recent Topics]](/forum/templates/default/images/icon_mini_recentTopics.gif){kind=icon}
Recent Topics
![[Members]](/forum/templates/default/images/icon_mini_members.gif){kind=icon}
Member Listing