我正在尝试查询LDAP以获取用户帐户列表以及其帐户何时更改以及由谁以及如果可能的话添加或删除了什么?
系统规格:
Microsoft 视窗服务器 2012 R2
Microsoft SQL Server 2008 R2
目前,我能够提取有关帐户到期的大量信息。我们正在尝试审核 AD 中发生的管理员更改,并每天通过电子邮件向我们的主管发送更改...
谢谢大家!
Current Query:
SELECT * INTO #TMP_LDAP FROM OPENQUERY
( ADSI,'SELECT
uSNDSALastObjRemoved,
countrycode,
mail,
cn,
msexchmailboxsecuritydescriptor,
msexchuseraccountcontrol,
adspath,
mailnickname,
lockouttime,
msexchhomeservername,
homemta,
msexchhidefromaddresslists,
msexchalobjectversion,
msexchmailboxguid,
usncreated,
pwdlastset,
objectguid,
logoncount,
msexchrequireauthtosendto,
codepage,
whenchanged,
NAME,
usnchanged,
accountexpires,
legacyexchangedn,
displayname,
primarygroupid,
userprincipalname,
badpwdcount,
admincount,
badpasswordtime,
instancetype,
objectsid,
msmqdigests,
objectcategory,
mdbusedefaults,
samaccounttype,
distinguishedname,
whencreated,
lastlogon,
givenname,
useraccountcontrol,
textencodedoraddress,
msmqsigncertificates,
lastlogontimestamp,
samaccountname,
homemdb
FROM ''LDAP://SER.SERVER.local/OU=Accounting,DC=SERVER,DC=LOCAL'''
我的 systax 在 LDAP 查找中
出错FROM ''LDAP://SER.SERVER.local/OU=Accounting,DC=SERVER,DC=LOCAL'''
更改为服务器的正确查找
FROM ''LDAP://SERVER.local/OU=Accounting,DC=SERVER,DC=LOCAL'''