Wednesday, August 05, 2009

MOSS 2007 – User Profile Imports and LDAP Cheat Sheet

 

I’ve tried to get an instance importing but still with no luck – there must be something else preventing it from importing… Anyways, I decided to write down my research for the day:

Default SharePoint settings are:

Search Base: dc=domain,dc=company,dc=com
Base Query: (&(objectCategory=person)(objectClass=user))

Options:

Options for Search Base:
-
Can define a specific OU to base the import on. eg. ou=Sydney,ou=Department1,dc=domain,dc=company,dc=com

Options for LDAP Filter Query:
Get all accounts with email address:
(&(objectCategory=Person)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(email=*))

Get active accounts – filter our disabled AD accounts:
(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))

Get accounts in the Department1 OU:
(&(objectCategory=Person)(objectClass=User)(memberof:1.2.840.113556.1.4.1941:=(CN=Authenticated Users,OU=Department1,DC=domain,dc=company,dc=com)))

Get accounts with a first name:
(&(objectCategory=Person)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(!givenName=*)))

 

Good References:
Scope of Query – Base, One Level, Subtree: http://msdn.microsoft.com/en-us/library/aa746467%28VS.85%29.aspx

LDAP Search Filter Syntax:
http://msdn.microsoft.com/en-us/library/aa746475%28VS.85%29.aspx

Importing Specific group into SP User Profile Store with LDAP:
http://mindsharpblogs.com/wayne/archive/2005/06/15/497.aspx

LDAP Attributes:
http://www.computerperformance.co.uk/Logon/LDAP_attributes_active_directory.htm#LDAP_Attribute_

A Nice LDAP Attribute Table:
http://www.it.ufl.edu/projects/directory/ldap-schema/attributes.html

No comments: