cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Nintex Newbie

Writing LDAP Query

Are there any tutorials/Links for absolute beginners when it comes to writing your LDAP queries in the Query LDAP Action? I am attempting to retrieve the organization that a User belongs to from Active Directory, and canont even retrieve my own user name without receiving the "No Results Returned" message.

 

(&(displayName= John Doe))

(&(displayName= Doe John))

 

And I'm seeing many posts in the community from many participants needing assistance with their queries, some which I have tried as examples in my own workflow, and I'm still not pulling back results. Are there any resources availabe that would walk me through the basics of writing my LDAP query?

And I have also verified that I have successfull test connection below.

Any help on this would be appreciated. Thanks.

 

LDAPQuery1.JPG

Labels: (1)
Tags (2)
0 Kudos
Reply
5 Replies
Highlighted
Nintex Newbie

Re: Writing LDAP Query

Your Output is going to be an issue. The Output is the attribute name in Active Directory so, your {Initiator} value isn't going to be valid. Try something simple like department, mail, or sAMAccountName. 

 

Here's a screenshot from a working UDA I have for pulling user info from Active Directory:

2019-04-12_9-48-08.png

 

If that doesn't work, you have some other issues going on.

 

If it does work, then start to expand on it where you can change 'sAMAccountName to another attribute.

 

For groups, you can try this:

(&(objectClass=group)(name=GroupName))
0 Kudos
Reply
Highlighted
Nintex Newbie

Re: Writing LDAP Query

Thanks - but I am still having issues. The test connection is successful, but my queries still do not return any results. I'm not sure if it's anything in my development environment or not - I may have to reach out to reach out to Customer Central for Support to see if any other issues may be going on.

 

ldapQuery2.JPGLdapQuery3.JPG

0 Kudos
Reply
Highlighted
Nintex Newbie

Re: Writing LDAP Query

I'm sorry. I should've been more clear.

 

In the Run Now screen, you cannot use the variable names. So, you'll need to replace those with actual values for testing.

 

Where it says {WorkflowVariable:ADUserName}, replace that with an actual value like your username. And, it looks like you have duplicate brackets. 

 

If my usename is username, that portion would look like this:

sAMAccountName=username

 

Also, you're using the wrong value for Output. Try entering the word mail to return the email address. Or any of the other examples from my screenshot like givenName, department, or phoneNumber.

 

Here's an example from my environment:

2019-04-18_10-40-32.png

 

I've blurred out my username, but I manually entered it into the Query field. It's just plain text without quotes, brackets, or anything else. 

 

You'll see I've set my Output to 'department'. This is just one of many attributes you can pull from AD.

 

And then, in the Results field, you can see it's returned the department for the one match it found. If I had entered a wildcard, it would've returned all departments for all users that match the query.

0 Kudos
Reply
Highlighted
Nintex Newbie

Re: Writing LDAP Query

I appreciate the help - but I am not having much success. I entered my username without any quotes or brackets and I'm recieving the same results. Though my test connection is successfull, I am wondering if perhaps I'm choosing the wrong branch in AD? I'm using the User's branch.

 

LDAPQuery4.JPGAD_Branch.JPG

0 Kudos
Reply
Highlighted
Nintex Newbie

Re: Writing LDAP Query

You know what? Let's take a step back and go very basic. Let's simply query using a wildcard so that ALL results are returned. That way, we'll definitely know if you're in the correct branch.

 

2019-04-19_8-02-57.png

 

I don't know if you can see it in the image, but I've replaced the username with an asterisk (*). 

So now my entire query is:

(&(objectCategory=person)(objectClass=user)(sAMAccountName=*))

Try that and see if you get any results back. If you don't, you're definitely in the wrong branch, or something else is wrong.

 

I should also point out that even if a field is blank in AD, the query should be returning data like this:
2019-04-19_8-19-51.png

In this example, the first values returned are from system accounts (because I used a wildcard) and so they don't have a department listed. The query is still returning a value for them: [Empty value]

 

Would I be correct in assuming you're not the AD person at your organization? If you are in the wrong branch, perhaps you can talk to them to see if they can help you find the correct one.

0 Kudos
Reply