LDAP Active Directory find all users from two OU

active-directoryldap

I want to find all users which are contained in two OUs, but not in the other ones. Basically, this is the same issue as in https://ldapwiki.com/wiki/ExtensibleMatch#section-ExtensibleMatch-SearchWithinTwoContainers, but within an Active Directory.
The page there says "Microsoft Active Directory does NOT support this functionality and only supports: Microsoft Active Directory Extensible Match Rules".

I want to find all users from within the OUs Administration and People as in:

dc=com
    dc=willeke
        ou=Administration
            cn=OneInetOrgPerson
            ....
        ou=People
            cn=TwoInetOrgPerson
            ....
            ou=butler
               cn=moreInetOrgPerson
               ....
        ou=Groups
            cn=ThreeInetOrgPerson
            ....
        ou=IDM
            cn=FourInetOrgPerson
            ....
        ou=Sales
            cn=FiveInetOrgPerson
            ....

I do not understand how to create this same functionality with Active Directory. Is this even possible with an AD?

Best Answer

Yes you can do this with PowerShell.

Import-Module Active Directory
$OUs = 'OU=Administration,DC=willeke,DC=com','OU=People 2,DC=willeke,DC=com'
$OUs | ForEach { Get-ADUser -Filter * -SearchBase $_ }

https://social.technet.microsoft.com/Forums/office/en-US/8354b35a-e4f8-428b-918f-a10ab3efa5d0/getaduser-effective-multiou-search?forum=winserverpowershell

https://www.experts-exchange.com/questions/28788079/Get-Users-from-multiple-OUs-with-Poweshell.html

Best Answer

Related Solutions

Security – Reference to all users/groups in Active Directory

Ldap – What permissions are required for enumerating users groups in Active Directory

Related Topic