[Logo] LDAPSoft LDAP And Active Directory Tools Community Forums
  [Search] Search   [Register] Register /  [Login] Login 
Messages posted by: support
Forum Index » Profile for support » Messages posted by support
Author Message
Auto connection uses standard port 389 for connection. Try the new connection and configure the connection manually. Please copy the userdn from the auto dialog as you will need it on the second screen.

Click the New Connection Button -> Enter the server name (domain controller) in the host name field -> Click Next -> Check the Simple authentication button --> Enter the copied userDN in the base DN field --> enter the network password in the password field and click finish.
You can run a scheduled csv export job or sql update export job from the LDAP Admin Tool Pro. Edition.
After the export is finished write a custom script which loads the csv file or sql update into the sql table (While writing the script make sure to read the order of column in the csv file first as ldap export column order can change depending on attribute exist or not).

LDAPSoft Support
Please logon on to a computer which is connected to domain.

Copy the following txt and save it into a file with the name "logininfo.vbs"
run the file and it will give you the full logon information, use the full dn in the dn field.

Set objSysInfo = CreateObject( "ADSystemInfo" )
strUserName = objSysInfo.UserName
WScript.Echo "User Name: " & strUserName

LDAPSoft Support
You can easily manage attribute like pwdReset using LDAP Admin Tool (Please download LDAP Admin Tool Professional from the url: http://www.ldapsoft.com/ldapadmintoolprofessional.html).

You can reset the value to either true and false for all the users using a sql statement link following.
To run the sql, click the SQL button on the tool bar, copy and paste the following sql, change the o=stooges to an available container and hit the run button.

UPDATE o=stooges set pwdReset=true;

LDAPSoft Support
You can't assign one field to another using sql statement. To assign values to another attribute, please try the following:

1. Click a container or an entry| Right Click Context menu select - Export - Update Statements| Provide the file Name | Click on Browser button adjacent to Returning Attributes and select attribute (for e.g telephoneNumber)| Click Finish
2. Open the exported file using Textpad| Globaly replace the attribute (telephoneNumber) to the new attribute name| Save the file
3. Click Import|SQL from the top tool bar and Click the Start Importing.. Button.
4. Refresh the entry, the new attribute should have the old field value.

Note: Please test with one entry and in a test environment before applying in production.
Active directory does not store that information in any attribute and therefore you can't search for user account logged on information.
We are currently working on it and hopefully we will release it with the next release.
Following sql will generate a report from DC=LDAPSOFT,DC=COM and return all user object that doesn't have a profiepath of \\PATH\Profiles$\Workstations\TEST1 (Please note that you have to escape all \ with \\ as shown in the query) or a member of CN=List,OU=Recipients,OU=Exchange Migration,OU=Global,DC=LDAPSOFT,DC=COM

Select cn,sn from DC=LDAPSOFT,DC=COM where profilePath!='\\\\PATH\\Profiles$\\Workstations\\TEST1' or memberof='CN=List,OU=Recipients,OU=Exchange Migration,OU=Global,DC=LDAPSOFT,DC=COM' and objectCategory='person' and objectClass='user' and sAMAccountType!=805306370

Currently you have to generate it manually, we are working on automatic generation.

For members of domain user group, please run the following statements (First one for all members of domain user group and second one for all users member of domain user group).

select * from RootDSE where primaryGroupID=513

select * from RootDSE where primaryGroupID=513 and objectClass='user'
Try the following statement where cn is the name of the group.

Select member from RootDSE where objectclass='group' and cn='Presidents'
That is very easy with AD Admin & Reporting tool, Open a sql window from top tool bar sql button , modify the following sql change the group names (memberof) and after select list all the attributes you want to export or view then copy and paste and click run or export.

The following statement will list sn and cn attribute of all users which are either member of 'testusergroup or 'testusergroup2'.

Select sn,cn from RootDSE where memberof='CN=testusersgroup,DC=LDAPSoft,DC=COM' or memberof='CN=testusersgroup2,DC=LDAPSoft,DC=COM' and objectclass='user'
Try Null in small letters - null - also no space after =

SET telephoneNumber=null
Try one of the following:

Increase MaxPageSize (http://support.microsoft.com/kb/315071) and
disable Enable Ldap Paged Result control from Preference|General (Last
check box)


Constraint update to less than 1000 using some attribute for e.g (and sn
like 'a%' or 'b%') and run update sql a few times.

UPDATE OU=Users,DC=example,DC=com SET telephoneNumber=NULL WHERE telephoneNumber='519-111-2222' and sn like 'a%' or 'b%' subtreescope;
Unfortunately not. You can't create users automatically but you can manually.
Please find the attribute containing this value, right click on the attribute and select 'Edit value with..", select 'text editor'
Now try exporting again. If problem persists let us know.
Seems like bat scripts execution is disabled on the machine you are trying to install the software.

Please manually execute the batch file "unpackall.bat" under the installation directory

Open a command prompt and cd to the script directory
> cd C:\Program Files\LDAPSoft\AD Admin And Reporting Tool\rt\bin
and then run the file
Please download and try http://www.ldapsoft.com/ldapplusad.html
This tool will give you all the information you mentioned. Also with this tool you can reset password and modify all the Active Directory attributes.

Above query should give you all the users which are member of group CN=Internet-Standard,OU=Sicherheitsgruppen,DC=whatever,DC=de

Try the following query without objectClass=user:

SELECT * FROM OU=EDP,OU=Bremen,DC=whatever,DC=de where memberOf=CN=Internet-Standard,OU=Sicherheitsgruppen,DC=whatever,DC=de

and also search for mail = Joseph.schmidt@whatever.com (Top Search) and look for memberof attribute and make sure that this user is a member of CN=Internet-Standard,OU=Sicherheitsgruppen,DC=whatever,DC=de

It is very easy to search for user who are memberof a group just need the correct syntax.

If I understand it correctly you are looking for all users in OU=EDP,OU=Bremen,DC=whatever,DC=de
which are member of CN=Internet-Standard,OU=Sicherheitsgruppen,DC=whatever,DC=de

If it the case try the following sql statement (Click on the sql button at the tool bar, copy and paste and click run).

SELECT * FROM OU=EDP,OU=Bremen,DC=whatever,DC=de where memberOf=CN=Internet-Standard,OU=Sicherheitsgruppen,DC=whatever,DC=de and objectClass=user

If above works, replace the * with attribute for e.g cn, sn and click run or export.

SELECT cn,sn FROM OU=EDP,OU=Bremen,DC=whatever,DC=de where memberOf=CN=Internet-Standard,OU=Sicherheitsgruppen,DC=whatever,DC=de and objectClass=user

You can't use wildcard characters with memberof as it contains the DN values (DN is path and wildcard characters don't work with it).
Please modify the query to something like the following:


If you don't know the complete DN, use the tool bar search -> select cn and enter internet* -> Click Find button.
Select the entry and from right click context menu select 'copy DN'.

Try escaping % with \
You can't have any wild character (%) in DN.
Unfortunately you can't do that

The way I will handle this:

1. Export all the values of pager using a statement like this
Select pager from OU=xxx,DC=xx,DC=com
2. Export the result in csv format
3. Modify the file and generate update statements (Update CN=xxxxxx\, xx,OU=xxxxx,DC=xxx,DC=com Set extensionAttribute2= value)
4. Run those statements one by one.

Yes, you can mass delete attribute with LDAP ADmin Tool.

To delete an attribute you set them to null using sql statement.

update ou=MemberGroupB,o=stooges set carLicense=null

The above statement will find all the entries under the ou=MemberGroupB,o=stooges and will update their carlicense value to null or in other word it will delete the attribute.
For openldap please check the box 'Force binary when saving to directory' (Certificate Editor), also please note that it will store the value in userCertificate;binary attribute.
Please download version 4.4. In version 4.4 ObjectSid and ObjectGuid values are converted.
AD Admin & Reporting tool supports pagination which lets you export more than 1000 records from AD.
If you are unable to export more than 1000 records AD may be missing required controls, in that case try the following:

1. Modify the sql so that it runs at the immediate container level and not on RootDSE (Try second option if this does not work).
2. Increase MaxPageSize (http://support.microsoft.com/kb/315071) and disable Enable Ldap Paged Result control from Preference|General (Last check box)
For a few values use the File/Hex dialog and save the values as file -- click on attribute -- right click select edit value with .. -- select File/Hex Dialog.
Double click the attribute -- click on the button -- click save to file.

For a larger number of records, use LDIF export to export binary/hex values. The exported values will be base64 encoded so you will have to decode them.

Try exporting in csv format and open the file in excel.

What is the error, if you are getting Heap Size error?

Download the Java version of the LDAP Reporting Tool as java version handles memory more effectively because of the underlying jvm.

Click on the following url, download and install, it will go on top of the current install (you don't have to uninstall), if you don't have Java installed, program will prompt you to install java/jre and will open the download page. After downloading java/jre click the Ldap Reporting Tool shortcut to launch the application.

Forum Index » Profile for support » Messages posted by support
Go to:   
[Recent Topics] Recent Topics   [Hottest Topics] Hottest Topics   [Members]  Member Listing  
Powered by JForum 2.1.9 © JForum Team