Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RE: Active Directory 2003 - DSQuery - SMTP records...

285 views
Skip to first unread message

keith c

unread,
Feb 6, 2008, 8:24:00 PM2/6/08
to
Follow-up:

I have tried the following command and I only get the Primary Email address.

dsquery user -name * | dsget user -email

Thanks,
Keith C.
Security Anlayst
Guaranteed Results, Inc.
Greenwood, SC USA

"keith c" wrote:

> We have a 2003 AD. Our users have two e-mail addresses in SMTP records under
> the Email Addresses tab. The Primary is bolded (te...@olddomain.com) and the
> secondary (te...@newdomain.com) is not. We migrated from the old domain
> approximately 2 years ago. All new users do not have the secondary address.
> I need to run a report to see what users have the olddomain.com address.
> I am trying to use DSQUERY to extract the users that have STMP records with
> the old domain name. Can anyone shed any light on what I need to do to get
> the desired information? Thanks, Keith C.
>
> Keith C.
> Security Analyst
> Guaranteed Results, Inc.
> Greenwood, SC USA

Joe Kaplan

unread,
Feb 6, 2008, 11:17:12 PM2/6/08
to
The attribute you want is called proxyAddresses and is multivalued. The
primary SMTP address will have a prefix of SMTP: while the secondary
addresses will have a prefix of smtp: (lower case). There may be other
addresses in there as well for other protocols.

The attribute isn't case sensitive for searches, so you can't just use a
filter like (proxyAddresses=smtp:*) as that will match both types. So, you
probably need to dump them all out and sort them out in another system.

HTH,

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"keith c" <kei...@discussions.microsoft.com> wrote in message
news:87DE227F-5ED5-423C...@microsoft.com...

keith c

unread,
Feb 7, 2008, 11:51:02 AM2/7/08
to
Joe,

That's excactly what I needed to find the accounts that had a olddomain.com.
Is there a way to delete the secondary smtp records that are
te...@olddomain.com?
I am using the following command to get my list:

dsquery * forestroot -scope subtree -L -filter
"(&(mail=*)(proxyaddressess=smtp:*))" -attr proxyaddressess -limit 5000 >
outputfile.txt

Thanks,


Keith C.
Security Analyst
Guaranteed Results, Inc.
Greenwood, SC USA

Joe Kaplan

unread,
Feb 7, 2008, 2:52:15 PM2/7/08
to
There are basically two approaches you might use:

- Get the list of values you want removed from the associated AD objects
and create a big LDIFDE or CSVDE script that removes the individual value
from each object.
- Write some code that enumerates the proxyAddresses for all of your users
and looks for things that match the "bad" names (by the domain name
probably) and then capture the exact value and remove it. You could do this
in any programmable LDAP sort of environment (VBScript, .NET, PERL,
PowerShell etc.).

I'm not sure if there is a simple way to do this via piping command line
tools together.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"keith c" <kei...@discussions.microsoft.com> wrote in message

news:F1FCDD87-A016-4C34...@microsoft.com...

0 new messages