I am looking for a solution for the following problem.
I need to request Users of multiple Groups (over 200 Groups) out of an Active Directory.
Since it is not allowed to have Wildcard in the request
for example: (memberOf=cn=T*,ou=Gruppen, ou=Test Users, dc=Test,dc=local)
i need a workaround.
Someone got an Idea?
I looked up several solutions, but no one worked out so far.
Is their maybe some form of "PlugIn" which would allow such a Wildcard?
Thought about a PowerShell Script which takes all users from the groups and put it in one huge group, which i could request than. Would something like this be possible?
Sadly I'm not realy experienced with LDAP querys.
Thanks in Advance!
Greeting,
Tobi
Related
Is there any table in the SCCM database that returns all applications located in a subfolder ?
This table returns all application and packages: "v_Package"
but i need to filter only applications and only the ones in a specific subfolder.
i also found the table "v_Applications" in my SQL server that returns only the applications but it is not present in the microsoft docs:
https://learn.microsoft.com/en-us/mem/configmgr/develop/core/understand/sqlviews/application-management-views-configuration-manager
is that normal ?
Could someone point me in the right direction ?
Thank you very much
The best "trick" if you want to do something that is possible in the SCCM Console via SQL is to do it and then watch SMSProv.log on your siteserver which will tell you what SQL and WQL command was used to produce your result. That is always a good point towards the direction you should take.
In this case you will see that the query takes the applications info from a function call fn_ListApplicationCIs_List(1031) which features a Column ObjectPath that is your folder so a quick
select DisplayName, ObjectPath from fn_ListApplicationCIs_List(1031)
should probably give you what you want.
The real info if you wanna go deeper is as far as I understand it in a view called vFolderMembers (which weirdly only contains those that are not in root) but going from there you would have to join some internal IDs to get to a readable name.
To also answer your other question: Yes v_Applications is a normal table but it does not contain the object Path (which is only relevant within the context of the console and not deployment) and yes it is (sadly) normal that Microsofts documentation is not always the best and never really complete in regards to SCCM matters.
wow that's great.
what a relief. i've been struggling with that for a while .
thank you so much for your help. it works exacly as i need.
Since I implemented active directory into my mediawiki, I have a certain problem that I got a user now which is actually not there. I means once I click or hover over the user it tells me:
User is not registred
I tried to merge it with the userMerge extension, but the user doesn't exist obviously, but he is in the userlist. Makes no sense to me at all.
So I know you shouldn't delete a user from an SQL table; I need to because our internal wiki should not have any local users any more. Also here I can't really find any good explanations of where I can find the user tables in the phpmyadmin panel. I would appreciate the help.
Mediawiki got installed with XAMPP.
As far as I know, Mediawiki doesn't really support deleting users. The commonly accepted practice is to ban/block misbehaving users. In recent years, large-scale spambots have been a problem resulting in a lot of garbage wiki accounts, so it looks like there are some solutions. Here's the extension that looked the most relevant:
http://www.mediawiki.org/wiki/Extension:UserMerge
This lets you merge a user's contributions in with another user's, and then delete one of the user accounts.
I am new to this so forgive me for not understanding the lingo.
I have been using rackspace cloud control panel to build multiple virtual servers, i use them for maybe a couple of hours then i delete them. I need these servers to all have specific and unique names such as: "server1, server2, server3, etc." I also need them to have a specific password unlike the randomly generated password that is assigned by default.
I have been creating each individual server manually (based on an image that's set up) then I have to go back and reset the password andreboot all of them. Doing each one manually is a bit time consuming and I'm sure there is an easier way. Please help me figure this out.
I've been doing some searching but I haven't found anything too relevant to my problem on top of that I'm not too familiar with programming and such.
Basically what I'm looking to do is automatically create these servers with their appropriate names and passwords already built in from the start. I'm not sure if some sort of "API" is the answer, or if there's some sort of script that can be written, or both.
Any assistance is much appreciated.
thanks,
Chris
I have some code deployed on 1 out of my 6 servers. I need a splunk query that pulls data from the other 5 hosts. Something like - All except this 1 host. I know the host option in splunk to look for the host's logs, but I have no idea how to do all except 1. Can someone please assist me?
The one box I am talking about has my latest code changes, and the other 5 have my old code. So I want to write a query to do a before vs after analysis.
Looks like you have your answer, but I use an alternative method that speeds things up for me.
Within your search results, you can quickly eliminate what you want to filter out by ALT-clicking on a value in a selected field. In your case, it would add NOT host="1" to your query and immediately update your results.
I find this particularly helpful when I'm in the preliminary stage of investigating an issue, and don't have enough information to know exactly where to look first. It makes it easy to rapidly eliminate what you don't need.
*Note: This may still be broken in Splunk 6, not sure if the bug has been fixed yet: http://answers.splunk.com/answers/109473/alt-click-not-working-selected-fields
Okay, I got the answer to my question. Just use !=. So if I want the results for all my hosts except host 1, all I do is - index=blah host!="1"
I am trying to get a list of the programs (RPG/CL/SQL) and files a service account on the iSeries has touched. The idea is that having this list we can tie specific permissions (I know this will really complicate things) to the user account in order to achieve a more secure application specific service account. Is there any way to do this and maybe get a report by running a command. Maybe there is a SQL statement?
Please excuse me if my terms are not appropriate, I am still new to the iSeries.
The audit journal will have what you are looking for....if so configured.
http://pic.dhe.ibm.com/infocenter/iseries/v7r1m0/topic/rzarl/rzarlusesecjnl.htm
The newest 7.1 TR includes stored procedures to allow easy read of journals.
https://www.ibm.com/developerworks/community/wikis/home/wiki/IBM%20i%20Technology%20Updates/page/DISPLAY_JOURNAL%20(easier%20searches%20of%20Audit%20Journal)
Charles
So though Charles' answer might be the one one should set up to get a thorough report. I wound up doing the following as suggested by one of my peers.
Please note that my goal though not properly explained as so, was to create an application specific user/service account for a program. This is to avoid using one with many privileges and thus gain some security.
1.Go through the source code (in my case classic ASP) and jot down all the names of the procedures used by that program.
2.Create a CL program that outputs the program references to a display file. Then export the file's contents onto Excel and massage where necessary.
PGM
DSPPGMREF PGM(MYLIB/PGM001) OUTPUT(*OUTFILE) OUTFILE(MYLIB/DSPPGMREF) OUTMBR(*FIRST *REPLACE)
DSPPGMREF PGM(MYLIB/PGM002) OUTPUT(*OUTFILE) OUTFILE(MYLIB/DSPPGMREF) OUTMBR(*FIRST *ADD)
ENDPGM
I was told however that service programs references cannot be displayed with DSPPGMREF. So the following was done for those.
PGM
ADDLIBLE LIB(ABSTRACT) POSITION(*LAST)
MONMSG MSGID(CPF0000)
WRKOBJR OBJ(SRVPGM01) OBJTYPE(*SRVPGM) OUTPUT(*OUTFILE) OUTFILE(MYLIB/WRKOBJR) MBROPT(*REPLACE)
WRKOBJR OBJ(SRVPGM02) OBJTYPE(*SRVPGM) OUTPUT(*OUTFILE) OUTFILE(MYLIB/WRKOBJR) MBROPT(*ADD)
WRKOBJR OBJ(SRVPGM03) OBJTYPE(*SRVPGM) OUTPUT(*OUTFILE) OUTFILE(MYLIB/WRKOBJR) MBROPT(*ADD)
ENDPGM
Thank you for all your help. I apologize that my answer is a little more specific than my question but in the end this was what I wanted to achieve, I had to generalize to ask the question. I'd thought i'd post post my answer anyways in case it helps someone in the future.