Ldp Examples

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

LDP Examples

Example 1: Add a new object to an LDAP directory

To add a user to Active Directory by using LDP:

  1. On the Browse menu, click Add.

  2. In the Add dialog box, in the Dn input box, enter the distinguished name of the new object.

  3. In the Edit Entry section, add the new attributes and values. Click Enter after typing in each attribute and associated value:

    Attribute Value

    userAccountControl

    512

    ObjectClass

    User

    SamAccountName

    Testuser2

  4. To add the attribute or value combination to the Entry List box, click Edit.

  5. To add the information to Active Directory using LDAP APIs when all the attributes are entered, click Run.

Example 2: Search an LDAP directory

To search Active Directory by using LDP:

  • On the Browse menu, click Search.

    The Search dialog box opens.

In the following searches, the LDAP directory is Active Directory. For user names, it contains a givenName attribute for first names, and an attribute of sn for last names.

  • To search for all users that have a first name of John and a last name of either Smith or Jones, type the following in the Filter field:

    (&(objectClass=user)(givenName=John)(|(sn=Smith)(sn=Jones))))

  • To search for users that have a last name of Jones, but filter out those users that have a first name of John or Jane, and also filter out users that have not logged on at least 100 times, type the following in the Filter field. (The exclamation point (!) is the NOT operator.)

    (&(objectClass=user)(sn=Jones)(!givenName=John)(!givenName=Jane)(!logonCount<=100))

    Note

    • To search for reserved characters as part of an attribute value, you must precede the reserved character with an escape character. Use the following escape characters to represent the associated characters:
    Character Escape characters

    *

    2a

    (

    28

    )

    29

    \

    5c

    NUL

    00

  • To search for all of the users whose display names end in a close parenthesis character, type the following in the Filter field:

    (&(objectClass=user)(displayName=*\29))

  • To search for all users who have a surname that starts with the letter J, type the following in the Filter field. (Queries support the wildcard character (*).)

    (&(objectClass=user)(sn=j*))

  • To search for users whose home directories are G:\Accounting, type the following in the Filter field. (The attribute name is home-directory.)

    (&(objectClass=user)(home-directory=G:\5cACCOUNTING*))

Example 3: Control the returns on a search of an LDAP directory

In this example, you use the Search Options dialog box to control which attributes are displayed in a search. Just a few attributes are displayed; the rest are filtered and do not display in the details window of LDP.

To control which attributes display:

  • In the Attributes input box, type the attributes to display:

    "memberof;range:1-20"objectClass;objectGUID

    Notes

    • Separate attributes with a semicolon. No spaces are necessary. All other attributes will be filtered out of the display.

    • A range is specified for the memberof attribute. Because a semicolon is used, the entire section must be separated from the rest of the attributes by quotation marks.

All searches display only the memberof, objectClass, and objectGUID attributes in the details pane. To return all attributes, replace any existing list of attributes with the wildcard character (*).

Example 4: View replication metadata for an object

To list the replication metadata for an object in Active Directory:

  1. On the Browse menu, click Replication|View Metadata.

    The View Metadata dialog box opens.

  2. In the Object Dn field, enter the distinguished name of the object, then click OK.

    The output will look similar to the output in the following table.

    AttID Ver Loc.USN Originating DSA Org.USN Org.Time/Date

    0

    1

    3693

    9fad4c38-2d76-44b2-84f6-f2fe384f8450

    3693

    2000-12-29 09:15.02

    3

    1

    3693

    9fad4c38-2d76-44b2-84f6-f2fe384f8450

    3693

    2000-12-29 09:15.02

    d

    1

    3693

    9fad4c38-2d76-44b2-84f6-f2fe384f8450

    3693

    2000-12-29 09:15.02

    20001

    1

    3693

    9fad4c38-2d76-44b2-84f6-f2fe384f8450

    3693

    2000-12-29 09:15.02

    20002

    1

    3693

    9fad4c38-2d76-44b2-84f6-f2fe384f8450

    3693

    2000-12-29 09:15.02

See Also

Concepts

Ldp Overview
Ldp Remarks
Ldp UI
Alphabetical List of Tools
Search Overview
Replmon Overview
Repadmin Overview
Movetree.exe
Dsastat Overview
Clonepr Overview
ADSI Edit (adsiedit.msc)
Acldiag Overview