Thursday, September 25, 2008

Using LDIFDE & ADSIEdit to Verify Recipient Policies

Originally I wanted to run something like this:

ldifde -f C:\test.txt -t 3268 -s DC.domain.com -j C:\ -r "(&(|(mailnickname=*)(objectClass=user))(|(homeMDB=*)(msExchHomeServerName=*))(userPrincipalName=*@domain.com))" -l "msExchPoliciesIncluded"

Unfortunately userprinicipalname doesn't play nicely with  "msExchPoliciesIncluded."  I'm guessing this is the case with more than one user defined attribute.  Example output:

dn: CN=sname\, gname,OU=Users-Company,OU=User,DC=Corp,DC=com
changetype: add


If we change it to reflect only objectclass=user:

ldifde -f C:\test.txt -s DC.domain.com -j c:\ -r "(&(objectClass=user)(homeMDB=*))" -l "msExchPoliciesIncluded"

It pulls this as example:

dn: CN=sname\, gname,OU=User,DC=domain,DC=Corp,DC=com
changetype: add
msExchPoliciesIncluded
 {86129EE7-F6C7-4CE2-9549-C242356184C6},{3B6813EC-CE89-42BA-6F11-D87D4AA30DBC}
msExchPoliciesIncluded
 {7DF5DEB4-C2EA-4920-BC8C-5342BC1E95E6},{26491CFC-4EB1-4857-861B-0CB8DF22B5D7}

You can also find this in adsiedit here to verify:














No comments: