我正在尝试查询LDAP以获取用户帐户列表以及他们的帐户何时更改以及由谁以及可能添加或删除的内容?
系统规格:
Microsoft Windows Server 2012 R2
Microsoft SQL Server 2008 R2
目前,我可以提取有关帐户到期的大量信息。我们正在尝试审核AD中发生的管理员更改,并每天通过电子邮件向我们的主管发送更改...
谢谢大家!
Current Query:
SELECT * INTO #TMP_LDAP FROM OPENQUERY
( ADSI,'SELECT
uSNDSALastObjRemoved,
countrycode,
mail,
cn,
msexchmailboxsecuritydescriptor,
msexchuseraccountcontrol,
adspath,
mailnickname,
lockouttime,
msexchhomeservername,
homemta,
msexchhidefromaddresslists,
msexchalobjectversion,
msexchmailboxguid,
usncreated,
pwdlastset,
objectguid,
logoncount,
msexchrequireauthtosendto,
codepage,
whenchanged,
NAME,
usnchanged,
accountexpires,
legacyexchangedn,
displayname,
primarygroupid,
userprincipalname,
badpwdcount,
admincount,
badpasswordtime,
instancetype,
objectsid,
msmqdigests,
objectcategory,
mdbusedefaults,
samaccounttype,
distinguishedname,
whencreated,
lastlogon,
givenname,
useraccountcontrol,
textencodedoraddress,
msmqsigncertificates,
lastlogontimestamp,
samaccountname,
homemdb
FROM ''LDAP://SER.SERVER.local/OU=Accounting,DC=SERVER,DC=LOCAL'''
答案 0 :(得分:0)
我的sytax在LDAP查找中出错
FROM ''LDAP://SER.SERVER.local/OU=Accounting,DC=SERVER,DC=LOCAL'''
更改为正确的服务器查找
FROM ''LDAP://SERVER.local/OU=Accounting,DC=SERVER,DC=LOCAL'''