Hopefully someone can point me in the right direction, spent too long
on this already
I am trying to query AD to get all groups with "SECURITY" in the name
(ie: G USA Security Team" or GG_USA_FIREWALL_SECURITY_RW). Since our
AD is so vast other methods I have tried just take too long (although
they do work). So I'm trying to filter ADO results since its much
quicker but I don't have much experience with it.
Part of my code:
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
' Filter on user object with specified NT name.
'strFilter = "(objectClass=group)"
strFilter = "(&(objectCategory=group)(|(cn=*security*)))" <----of
course this doesn't work
' Comma delimited list of attribute values to retrieve.
strAttributes = "name,grouptype"
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes &
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
' Run the query.
Set adoRecordset = adoCommand.Execute
'adoRecordset.Filter = "cn LIKE '%Security%'" <--- My other attempt
The last line above, commented out was my original attempt; I would
return all Groups then try to filter them by looking for SECURITY in
the container name. I at least got results with this method but they
were not accurate based on what I can view in AD. So then I tried the
strFilter but I think you can't use double wildcards, the word has to
either be at the beginning or end of the string.
Hopefully you understand what I'm after, I'm not the best at
Thanks in advance for any help!