RE: Search Filter Syntax in Active Directory

Discussion in 'Python' started by Tim Golden, Sep 30, 2004.

  1. Tim Golden

    Tim Golden Guest

    [Dirk Hagemann]
    | I want to get the properties of all the computer-accounts of an
    | ActiveDirectory structure (Microsoft). I know that could be done by
    | using "Search Filter Syntax" with LDAP-Dialect or SQL-Dialect.
    | I found a lot of information about these dialects, but no
    | example how to use this in an python-script.
    | Does anybody have a simple example for me, how to get some
    | information out of AD?

    I twitch nervously every time I have to pull something
    out of AD, but hopefully a couple of working examples
    might get you going. In general, anything you see elsewhere
    in VBS etc. can be done with a couple of GetObject-type
    calls in win32com.client.

    First example: find the display name of a user, given a user name.
    This one uses the LDAP:// moniker syntax.

    <code>

    import win32com.client

    username = "goldent"
    ldap_string = "LDAP://cn=%s,cn=users,dc=gb,dc=vo,dc=local" % username
    ldap_me = win32com.client.GetObject (ldap_string)
    print username, "=>", ldap_me.Get ("displayName")

    </code>

    Second example: find all the domains known by this workstation/server.
    This example uses the WinNT:// object, which I personally find
    a lot easier / more intuitive to use, so long as it meets your
    need (it doesn't do everything, and I'm not sure you can update
    through it).

    <code>

    import win32com.client

    for domain in win32com.client.GetObject ("WinNT:"):
    print domain.Name

    </code>

    Third example: list all the computers in a particular domain.
    Again WinNT:// syntax.

    <code>

    import win32com.client
    domain_name = "VOUK"
    domain = win32com.client.GetObject ("WinNT://" + domain_name)
    domain.Filter = ["Computer"]
    for computer in domain:
    print computer.Name

    </code>

    HTH
    TJG

    ________________________________________________________________________
    This e-mail has been scanned for all viruses by Star. The
    service is powered by MessageLabs. For more information on a proactive
    anti-virus service working around the clock, around the globe, visit:
    http://www.star.net.uk
    ________________________________________________________________________
    Tim Golden, Sep 30, 2004
    #1
    1. Advertising

  2. Tim Golden schrieb:
    > [Dirk Hagemann]
    > | I want to get the properties of all the computer-accounts of an
    > | ActiveDirectory structure (Microsoft). I know that could be done by
    > | using "Search Filter Syntax" with LDAP-Dialect or SQL-Dialect.
    > | I found a lot of information about these dialects, but no
    > | example how to use this in an python-script.
    > | Does anybody have a simple example for me, how to get some
    > | information out of AD?
    >
    > I twitch nervously every time I have to pull something
    > out of AD, but hopefully a couple of working examples
    > might get you going. In general, anything you see elsewhere
    > in VBS etc. can be done with a couple of GetObject-type
    > calls in win32com.client.
    >
    > First example: find the display name of a user, given a user name.
    > This one uses the LDAP:// moniker syntax.
    >
    > <code>
    >
    > import win32com.client
    >
    > username = "goldent"
    > ldap_string = "LDAP://cn=%s,cn=users,dc=gb,dc=vo,dc=local" % username
    > ldap_me = win32com.client.GetObject (ldap_string)
    > print username, "=>", ldap_me.Get ("displayName")
    >
    > </code>
    >
    > Second example: find all the domains known by this workstation/server.
    > This example uses the WinNT:// object, which I personally find
    > a lot easier / more intuitive to use, so long as it meets your
    > need (it doesn't do everything, and I'm not sure you can update
    > through it).
    >
    > <code>
    >
    > import win32com.client
    >
    > for domain in win32com.client.GetObject ("WinNT:"):
    > print domain.Name
    >
    > </code>
    >
    > Third example: list all the computers in a particular domain.
    > Again WinNT:// syntax.
    >
    > <code>
    >
    > import win32com.client
    > domain_name = "VOUK"
    > domain = win32com.client.GetObject ("WinNT://" + domain_name)
    > domain.Filter = ["Computer"]
    > for computer in domain:
    > print computer.Name
    >
    > </code>
    >
    > HTH
    > TJG
    >


    Hi Tim!

    The third example what is yet in use in my script - I asked for it some
    month ago here ;-) It is a great help!

    But now I need more than just the names of the computers, I need their
    properties like OS, Service Pack, Version and stuff like this.

    What I managed yet is to get the properties of an object if I know the
    LDAP path of this object.
    But in our AD-structure the computer-accounts are not all in the same OU
    and the OUs could have another name from one day to the next day... So I
    need to get all computers wherever they are with some of their properties.
    I'll try your hints after the next week when I'm back at work - next
    week I have a SQL-course :)

    Dirk
    Dirk Hagemann, Oct 2, 2004
    #2
    1. Advertising

  3. Hi Tim!

    I tried your first example and it works - after I noticed that I have
    to change some CN in OU... That is also a mistake in some of my other
    codes which I will try now.
    Thanks for your help again!!!

    Dirk

    Tim Golden <> wrote in message news:<>...
    > [Dirk Hagemann]
    > | I want to get the properties of all the computer-accounts of an
    > | ActiveDirectory structure (Microsoft). I know that could be done by
    > | using "Search Filter Syntax" with LDAP-Dialect or SQL-Dialect.
    > | I found a lot of information about these dialects, but no
    > | example how to use this in an python-script.
    > | Does anybody have a simple example for me, how to get some
    > | information out of AD?
    >
    > I twitch nervously every time I have to pull something
    > out of AD, but hopefully a couple of working examples
    > might get you going. In general, anything you see elsewhere
    > in VBS etc. can be done with a couple of GetObject-type
    > calls in win32com.client.
    >
    > First example: find the display name of a user, given a user name.
    > This one uses the LDAP:// moniker syntax.
    >
    > <code>
    >
    > import win32com.client
    >
    > username = "goldent"
    > ldap_string = "LDAP://cn=%s,cn=users,dc=gb,dc=vo,dc=local" % username
    > ldap_me = win32com.client.GetObject (ldap_string)
    > print username, "=>", ldap_me.Get ("displayName")
    >
    > </code>
    >
    > Second example: find all the domains known by this workstation/server.
    > This example uses the WinNT:// object, which I personally find
    > a lot easier / more intuitive to use, so long as it meets your
    > need (it doesn't do everything, and I'm not sure you can update
    > through it).
    >
    > <code>
    >
    > import win32com.client
    >
    > for domain in win32com.client.GetObject ("WinNT:"):
    > print domain.Name
    >
    > </code>
    >
    > Third example: list all the computers in a particular domain.
    > Again WinNT:// syntax.
    >
    > <code>
    >
    > import win32com.client
    > domain_name = "VOUK"
    > domain = win32com.client.GetObject ("WinNT://" + domain_name)
    > domain.Filter = ["Computer"]
    > for computer in domain:
    > print computer.Name
    >
    > </code>
    >
    > HTH
    > TJG
    >
    > ________________________________________________________________________
    > This e-mail has been scanned for all viruses by Star. The
    > service is powered by MessageLabs. For more information on a proactive
    > anti-virus service working around the clock, around the globe, visit:
    > http://www.star.net.uk
    > ________________________________________________________________________
    Dirk Hagemann, Oct 12, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Unlv?=

    How to filter Active Directory using objectGUID ?

    =?Utf-8?B?Unlv?=, Oct 19, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    3,387
    =?Utf-8?B?Unlv?=
    Oct 19, 2005
  2. Dirk Hagemann

    Search Filter Syntax in Active Directory

    Dirk Hagemann, Sep 29, 2004, in forum: Python
    Replies:
    0
    Views:
    323
    Dirk Hagemann
    Sep 29, 2004
  3. Dirk Hagemann
    Replies:
    3
    Views:
    587
    =?ISO-8859-1?Q?Michael_Str=F6der?=
    Oct 15, 2004
  4. Ames Andreas (MPA/DF)

    Re: Search-Filter for LDAP (MS Active Directory)

    Ames Andreas (MPA/DF), Oct 14, 2004, in forum: Python
    Replies:
    2
    Views:
    675
    Dirk Hagemann
    Oct 14, 2004
  5. ejcosta
    Replies:
    2
    Views:
    853
    Eurico Costa
    Oct 8, 2004
Loading...

Share This Page