find space with LDAP query

I looked everywhere and couldn’t really find an answer to this!

The company I work for had some legacy system that interfaced with the Active Directory, when a users attribute was emptied in the software, the software did not clear the attribute in AD, it just put a space character. 😦

This has been annoying for us as applications such as Exclaimer Mail Signatures have a if attribute has a value, write the attribute into the email signature. When peoples Mobile numbers are just a space in AD, it does technically have a value!

So I needed to find a query to fix this.

Find users with spaces in attributes

(objectCategory=user)(homePhone=20)

You can use ascci characters in an LDAP query. The ascci character for space (in hexadecimal) is 20. The backslash is an LDAP query escape character. The query above should find all the users that just have the space character in the homePhone attribute.

How to clear them all

Now that the offending accounts have been found, it’s time to fix em! Use PowerShell, and run this command:

Get-ADUser -LDAPFilter "(objectCategory=user)(homePhone=20)" | Set-ADUser -Clear homePhone

Done!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s