active-directory

问题 Currently I'm trying to determine if a user should be able to login using LDAP. I've read up on many LDAP connections written in PHP and so far things were on track until I wanted to search if a user was part of a certain group. Details I currently have to connecto to the LDAP server: DN: CN=PAY LDAP user,OU=pay,OU=Applications,OU=IT Specials,DC=domain,DC=be SAM: admin PWD: password Search DN ADM: OU=OU GROUP,OU=AD,DC=domain,DC=be LDAP / GC server: knt-adm-dc1.domain.be, knt-adm-dc2.domain.be

问题 I have a code to get a list of all the computers within a domain. Now i need to just get the computers which are within a particular OU and not the rest of the machines. so here is my code to get all the machines from a domain, this works perfectly fine: DirectoryEntry entry = new DirectoryEntry("LDAP://" + selectDomain); DirectorySearcher mySearcher = new DirectorySearcher(entry); mySearcher.Filter = ("(objectClass=computer)"); mySearcher.SizeLimit = int.MaxValue; mySearcher.PageSize = int

问题 I'm trying to get the members of an AD group with this PS command: Get-ADGroupMember -identity "GROUP_NAME" -Recursive However I want to know the "Description" field for each AD user. Is there a way to get this information? Thanks. 回答1: Try piping Get-ADGroupMember to Get-ADUser and specifying the Description property: Get-ADGroupMember -Identity "GROUP_NAME" -Recursive | Get-ADUser -Properties Description 来源： https://stackoverflow.com/questions/33948704/get-description-of-an-ad-user-with

问题 I have followed this link C# LDAP query to retrieve all users in an organisational unit and "A referral was returned from the server" exception when accessing AD from C# I need to know what I am doing wrong in my LDAP path ? // create your domain context and define what container to search in - here OU=Employees PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "MS", "OU=Employees,DC=CompanyName,DC=com"); // define a "query-by-example" principal - here, we search for a

问题 Which auditing settings should be enabled in order to see AD logged in user's ip address? 回答1: On any Domain Server, in the event log, you can find the information you ask for Here is the extraction of a user login Event "4624" and logout Event "4634" you can make a relation betwen the events by the data named TargetLogonId. The IP adress is in data named IpAdress. <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security

问题 My user is "SPR" and it is located under dc=aaaldap,dc=com Now the filter i am trying to send is (IDEA: TO extract all groups to which user SPR belongs to) Filter: (&(objectclass=*)(memberof:1.2.840.113556.1.4.1941:=cn=SPR,dc=aaaldap,dc=com)) As part of this search result, i am getting response from AD server as ldapsearchresref (which to my understanding is an indication from ldap server that it is not able to find the entry in its server and thus giving a reference to a URL of another

问题 I'm writing a PowerShell script and one of its parts should add a new user to Active Directory. I'm using the New-ADUser cmdlet and I want to redirect any errors (if it will produce any) to a file. So I write New-ADUser -smth -smth 2>> ./log.txt But it creates only a blank log.txt file when I simulate error. What did I do wrong? 回答1: Errors that are thrown by the cmdlet itself can be redirected like you tried: New-Item -Type File C:\Windows\WinSxS\foo.txt 2>> error.log Errors thrown by the

问题 I want to ask you if there is a solution to get parent group from subgroups in LDAP? I did a little search and we can use the filter like &(objectClass=group)(memberof:1.2.840.113556.1.4.1941:=PATH_TO_GROUP1) to get the child groups of the group, but I want to know if there is a way to get parent group from child group. Thank you in advance. 回答1: All you should need is query AD for the group, and get the memberof property, to get all groups that subgroup is part of. The below should be what

问题 How can i get the IADs interface of an Active Directory user - by username ? Note : Native code i am trying to write the function that can get the IADs interface of a user in Active Directory. i have the following "pseudocode" so far: public IADs GetUserObject(string samAccountName) { IADs ads; //Get the current domain's distinguished name ("dc=stackoverflow,dc=com") AdsGetObject("LDAP://rootDSE", IADs, ref ads); String dn = ads.Get("defaultNamingContext"); //"dc=stackoverflow,dc=com" String

问题 How can i get the IADs interface of an Active Directory user - by username ? Note : Native code i am trying to write the function that can get the IADs interface of a user in Active Directory. i have the following "pseudocode" so far: public IADs GetUserObject(string samAccountName) { IADs ads; //Get the current domain's distinguished name ("dc=stackoverflow,dc=com") AdsGetObject("LDAP://rootDSE", IADs, ref ads); String dn = ads.Get("defaultNamingContext"); //"dc=stackoverflow,dc=com" String