Writing LDAP Query

  • 11 April 2019
  • 6 replies
  • 107 views

Badge +1

Are there any tutorials/links for absolute beginners when it comes to writing your LDAP queries in the Query LDAP Action? I am attempting to retrieve the organization that a User belongs to from Active Directory, and cannot even retrieve my own user name without receiving the "No Results Returned" message.

 

(&(displayName= John Doe))

(&(displayName= Doe John))

 

And I'm seeing many posts in the community from many participants needing assistance with their queries, some of which I have tried as examples in my own workflow, and I'm still not pulling back results. Are there any resources available that would walk me through the basics of writing my LDAP query?

And I have also verified that I have a successful test connection below.

Any help on this would be appreciated. Thanks.

 


Badge +7

Your Output is going to be an issue. The Output is the attribute name in Active Directory so, your {Initiator} value isn't going to be valid. Try something simple like department, mail, or sAMAccountName. 

 

Here's a screenshot from a working UDA I have for pulling user info from Active Directory:

 

If that doesn't work, you have some other issues going on.

 

If it does work, then start to expand on it where you can change 'sAMAccountName' to another attribute.

 

For groups, you can try this:

(&(objectClass=group)(name=GroupName))

Badge +1

Thanks - but I am still having issues. The test connection is successful, but my queries still do not return any results. I'm not sure if it's anything in my development environment or not - I may have to reach out to Customer Central for Support to see if any other issues may be going on.

 

Badge +7

I'm sorry. I should've been more clear.

 

In the Run Now screen, you cannot use the variable names. So, you'll need to replace those with actual values for testing.

 

Where it says {WorkflowVariable:ADUserName}, replace that with an actual value like your username. And, it looks like you have duplicate brackets. 

 

If my username is username, that portion would look like this:

sAMAccountName=username

 

Also, you're using the wrong value for Output. Try entering the word mail to return the email address. Or any of the other examples from my screenshot like givenName, department, or phoneNumber.

 

Here's an example from my environment:

 

I've blurred out my username, but I manually entered it into the Query field. It's just plain text without quotes, brackets, or anything else. 

 

You'll see I've set my Output to 'department'. This is just one of many attributes you can pull from AD.

 

And then, in the Results field, you can see it's returned the department for the one match it found. If I had entered a wildcard, it would've returned all departments for all users that match the query.

Badge +1

I appreciate the help - but I am not having much success. I entered my username without any quotes or brackets and I'm receiving the same results. Though my test connection is successful, I am wondering if perhaps I'm choosing the wrong branch in AD? I'm using the User's branch.

 

Badge +7

You know what? Let's take a step back and go very basic. Let's simply query using a wildcard so that ALL results are returned. That way, we'll definitely know if you're in the correct branch.

 

 

I don't know if you can see it in the image, but I've replaced the username with an asterisk (*). 

So now my entire query is:

(&(objectCategory=person)(objectClass=user)(sAMAccountName=*))

Try that and see if you get any results back. If you don't, you're definitely in the wrong branch, or something else is wrong.

 

I should also point out that even if a field is blank in AD, the query should be returning data like this:

In this example, the first values returned are from system accounts (because I used a wildcard) and so they don't have a department listed. The query is still returning a value for them: [Empty value]

 

Would I be correct in assuming you're not the AD person at your organization? If you are in the wrong branch, perhaps you can talk to them to see if they can help you find the correct one.

Badge +9

I'm hoping you are still monitoring this, as I am having an issue where I'm trying to query LDAP for a form variable, in this instance the form Creator. Here is the query I'm trying to use.


(&(objectCategory=person)(objectClass=user)(sAMAccountName={ItemProperty:Author}))


Testing does work and if I remove the variable and insert a proper username, it will return results.  In my instance, I'm trying to capture the manager of the account.  Do you know if you can query list columns like Created by?

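Added example (not part of the thread and not Nintex's own code): when a value such as a typed username or {ItemProperty:Author} is substituted into the user filter shown above, escaping it per RFC 4515 keeps a `*`, backslash or parenthesis inside the value from changing what the query matches, while the deliberate wildcard test stays an explicit choice. All function names are hypothetical and the sample values are constructed.

```python
# Added example; the helper names are hypothetical, not part of the Query LDAP action.
import re

# RFC 4515 escapes for characters that have meaning inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# An attribute name: a letter followed by letters, digits or hyphens.
_ATTR_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")


def escape_filter_value(value: str) -> str:
    """Escape a value so it is matched literally inside an LDAP filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(username: str, allow_wildcard: bool = False) -> str:
    """Build the thread's user filter around one sAMAccountName value."""
    username = username.strip()
    if not username:
        raise ValueError("empty username")
    if username == "*" and allow_wildcard:
        value = "*"  # deliberate "return every user" test, as in the thread
    else:
        value = escape_filter_value(username)
    return f"(&(objectCategory=person)(objectClass=user)(sAMAccountName={value}))"


def check_output_attribute(name: str) -> str:
    """Reject an Output that is not a plain attribute name, e.g. {Initiator}."""
    if not _ATTR_RE.match(name):
        raise ValueError(f"not an attribute name: {name!r}")
    return name


def parens_balanced(ldap_filter: str) -> bool:
    """True when every literal '(' in the filter has a matching ')'."""
    depth = 0
    for ch in ldap_filter:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0
```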