Logo faq-o-matic.net
Logo faq-o-matic.net

Carmen: Query Active Directory Using SQL Syntax

von veröffentlicht am14. Juni 2011, 06:50 Uhr Kurzlink und Zitatlink einblenden
Kategorie Kategorie: Active Directory, AD: Erweiterte Abfragen, Downloads, English, Tools, VBScript   Translate with Google Translate Translate EN   Die angezeigte Seite drucken
Zuletzt aktualisiert: 7. August 2013

My script-based query tool “Carmen” for Active Directory has been downloaded more than 10,000 times since its release. Now I added an English version for an international audience.

Carmen lets you query Active Directory using SQL-style syntax. This makes it easier for most admins to get data from AD as SQL is more common to use than LDAP. Since its very beginning, Active Directory has supported SQL queries – as only few people seem to know.

Carmen is an HTA application written in HTML and VBSript. It is “safe” for your environment as it only reads data but cannot write to AD. Simply launch the tool by double-click and fill in the three data fields SELECT, FROM, and WHERE. (In most cases you can leave the FROM clause as it is since it already contains your domain name.)

Download: Carmen SQL Queries for AD English Version  Carmen SQL Queries for AD English Version (4,1 KiB, 3.170-mal heruntergeladen, letzte Änderung am 30. Mai 2011)

Here are some sample queries:

All users SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE objectClass=’user‘ and objectCategory=’person‘
Alle users from Hannover whose phone numbers contain "123", sorted by name in reverse order SELECT name, telephoneNumber FROM ‚LDAP://DC=contoso,DC=com‘ WHERE objectClass=’user‘ and objectCategory=’person‘ and l=’Hannover‘ and telephoneNumber=’*123*‘ ORDER BY name DESC
Disables users (unless other flags are set!) SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE objectClass=’user‘ and objectCategory=’person‘ and userAccountControl=’5142
All groups SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE objectClass=’group‘
All domain Global Groups SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE groupType=‘-21474836462
All Domain Local Groups SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE groupType=‘-21474836442
All Builti groups SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE groupType=‘-21474836432
All Universal Groups SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE groupType=‘-21474836402
All computers SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE objectClass=’computer‘
All computers with Windows XP and Service Pack 2 SELECT * FROM ‚LDAP://DC=contoso,DC=com‘ WHERE objectClass=’computer‘ and operatingSystem=’Windows XP*‘ and operatingSystemServicePack=’Service Pack 22
All sites and subnets in Active Directory SELECT name,objectClass FROM ‚LDAP://CN=sites,CN=configuration,DC=contoso,DC=com‘ WHERE objectClass=’site‘ or objectClass=’subnet‘
The FSMO role owners SELECT name,fSMORoleOwner FROM ‚LDAP://DC=contoso,DC=com‘ WHERE fSMORoleOwner=’*‘

© 2005-2023 bei faq-o-matic.net. Alle Rechte an den Texten liegen bei deren Autorinnen und Autoren.

Jede Wiederveröffentlichung der Texte oder von Auszügen daraus - egal ob kommerziell oder nicht - bedarf der ausdrücklichen Genehmigung durch die jeweiligen Urheberinnen oder Urheber.

Das Impressum findet sich unter: http://www.faq-o-matic.net/impressum/

Danke, dass du faq-o-matic.net nutzt. Du hast ein einfaches Blog sehr glücklich gemacht!