home
about us
forum
testimonials
sitemap
 
 
PREV
NEXT
  

User Management Resource Administrator


Online Manual: "User Management Resource Adminstrator"
Go to: User Management Resource Administrator homepage

Script Action: Search object (AD)

Function

Searches the Active Directory for one or more objects. For each object found, the object distinguished name is returned. For the search, you need to specify the environment (LDAP, GC, domain, ou, etc.) and the LDAP search string.

Deployment

This action is typically used in a script that is intended to manage existing user. The accounts can be specified by an Active Directory attribute. This action is then used to find the Active Directory user object. Next, the output distinguished name of the user account can be used to compose to full LDAP name. The resulting name is then used in the Get user (AD) action to bind to the user account.

The search is performed in an environment you can specify. 3 options are available:

  1. Search in the entire Active Directory: The application first determines the root domain name of the Active Directory environment and then binds to Active Directory. To select, specify LDAP for the property Search environment.

  2. Search in the global catalogue of Active Directory: The application first determines the root domain name of the Active Directory environment and then binds to Active Directory. To select, specify GC for the property Search environment.

  3. Search in a specific domain, organizational unit or container of Active Directory: With this option you can limit the scope of the search operation. To select, specify the full LDAP name of the object you wish to search in for the property Search environment. Optionally, you can specify the name of domain controller (NETBIOS or DNS format) computer that the application must use to bind to Active Directory. Example: LDAP://domaincontroller/OU=students,DC=domain,DC=com.

If you are searching for specific objects in Active Directory, you need to specify a filter with criteria that only match for the objects searched for. The filter is specified as a text string according to RFC 2254. Example: to search for a object of class User, (e.g. a user account) with a specific content for the attribute description (1234) the filter looks like this:

(&(objectClass=user) (&(description=1234)))

If you don't know how to specify the filter, please contact Tools4ever support (www.tools4ever.com, support@tools4ever.com).

Properties

Property Name

Description

Typical setting

Remarks

Search environment

The search is performed in one of three possible environment: LDAP, GC or any other object. To search the entire Active Directory environment accessible from the local computer, specify the word LDAP (1). To search in the Global Catalog, specify the word GC (2). To search in any other environment, specify the LDAP binding string to access the object (3). Example: To search in a specify domain: LDAP://domain or LDAP://host. To search in a specific OU: LDAP://domaincontroller/OU=students,DC=domain,DC=com.

LDAP

See Deployment section

LDAP search Filter

The LDAP search filter according to RFC 2254. Example, to find user accounts with a specific description field 1234: (&(objectClass=user) (&(description=1234)))

 

 

Error if nothing found

Generate an error for this script action if no matching objects are found.

Yes

 

Error if multiple found

Generate an error for this script action if multiple matching objects are found.

Yes

 

Search in child objects

Search in the specified environment and child objects, for example child domains.

Yes

 

Number of objects found

The number of matching objects found. This property is an 'output only' property and is generated by the application automatically. By default, the value for this property is stored in variable %SearchResultCount%.

 

The number of objects found can be stored in a variable. By default, the name of this variable is %SearchResultCount%.

Object distinguished names

The distinguished names of the matching objects. This property is an 'output only' property and is generated by the application automatically. By default, the value for this property is stored in variable %SearchResults%.

 

The object distinguished names are collected for each matching object. These names are stored in a single variable. By default the name of the variable is %SearchResults%.

More information:
Security - Overview
Principle of operation
Project operations - Input data
Project operations - Manage script actions
Project operations - Variables
Script Action: Get user (AD)
Help on help

 


Tools4ever User Forum
Topic namePosterRepliesTime
"Confirm delete" button?Andresg114/05/08
Name generation algorithmRalph311/05/08
Check Input Fields doesn\'t work without proper Form Propertyebrodeur109/05/08
Using UMRA to manage SpaceGuard SRMebrodeur209/05/08
Form example project for Groups in Windos Active Directoryebrodeur709/05/08
How to automatically install Forms onlyAndresg102/05/08
Copying individual Filesdvojack230/04/08
Feature Request: Http click throughSimonR117/04/08
License Question / Or bug?allen130/03/08
Exception error 123Ralph228/03/08

Home | Products | Support | Pricing | Download | Press | About Us | Contact | Sitemap
QUICK LINKS: Mass / Bulk Import Software | Network Monitoring Software | Disk Quota Management
QUICK LINKS: User and Active Directory Management | Remote Desktop Control | Free Software