LDAP Query

TABLE OF CONTENTS

• Introduction to Question Type
• Settings

Introduction to Question Type

A very powerful Question type to query any Object from your local Active Directory. Mainly used for a user picker, but it can be used for much more.

Settings

• Base DN
  • you can limit your LDAP Query to a specific OU, enter the DN of that OU

• Scope
  • Select the Scope of your LDAP Query
    • SearchScope with a Basevalue searches only for the given user. If an OU is specified in the SearchBase parameter, no user will be returned by, for example, a specified Filter statement.
    • OneLevel query searches the immediate children of that path or object. This option only works when an OU is given as the SearchBase. If a user is given, no results are returned.
    • Subtree query searches the current path or object and all children of that path or object.

• Query
  • Here you will enter your LDAP Query. There are multiple tools to help you build your Query
  • Here we are providing some examples
    • Get all Users from AD: (objectclass=user)
    • Get all Computers from AD: (objectclass=computer)
    • Get all Members from a Group: (memberof=CN=Admins,OU=Service Users,OU=Domain,DC=au2mator,DC=local)
    • Get all disabled Users: (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))
    • Get all enabled Users: (&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))
    • Get Organization Unit with special Description: (&(objectClass=organizationalUnit)(description=Location))
    • Get all Users with SMTP: (&(objectclass=user)(Mail=*))
  • Example using Advanced Placeholder
    • To show Members where the selected Group: (&(objectClass=user)(memberof={LDAP3.DistinguishedName}))
    • So see Groups, where the User is a Member of: (&(objectClass=group)(member={LDAP1.DistinguishedName}))
    • Get all Users, where the selected User is a Manger: (&(objectClass=user)(manager={LDAP1.DistinguishedName}))
  • We transfer the Distinguished Name Property to the Automation

See How to use Advanced Placeholders on more Detials about Advanced Placeholders

• Show Values
  
  • Enter a list of AD Attributes you want to show at the front end. separate by ","

• Selection Type
  • Choose "Single" or "Multiple" to configure the possible selection Type for the User. Multiple values are joined with ";" and sent to Automation.

• Show Result as
  • You can select between a "Typeahead" or a "Prepop Table"

• Prepop Table Desing
  • When you select "Prepop Table" on the "Show Result as" Setting, you can decide the Style of the Table Design

• Prepop Title
  • The custom Title is shown at the front when a User is executing the PowerShell as the Title of the Prepop Table.

• Prepop Description
  • The custom Description is shown at the front when a User executes the PowerShell as a Description of the Prepop Table.

• Visibility

See our How to configure dynamic Forms for more Details