Address Lists and LDAP Filters
Hello,I would like to create address lists based on the employee type. This should be trivial and it used to be Trivial. I simply want to use a LDAP filter. For some reason the availability of LDAP filters has been removed from Exchange 2007. It would be one thing if OLAP had the ability to build filters, but this DUBMED DOWN (there is no other other term that is adequate to describe it) limits you to a small subset of what is available in Active Directory.Is there a way to use LDAP Filters for Address List Creation in Exchange 2007 SP1? If not would someone from Microsoft please explain why so I can explain it to my manager? Quite Frankly if you don't understand LDAPqueries and their Syntax then you are simply not qualified to be anExchange Administrator. Sorry to rant butthe previous versions ofExchange had this capability and to remove it from Exchange 2007 wasa gigantic blunder.If anyone canexplain how to use LDAP filters in Exchange 2007 SP1 I would be grateful but I fear that they have beenDUMBED out of existence.ThanksBill
July 2nd, 2009 10:10pm

Hi Bill Evan Dodds has a useful post about OPATH filters and their LDAP equivalents. http://blogs.technet.com/evand/archive/2007/02/19/filterable-properties-in-exchange-2007-rtm.aspx You should be able to work out what you need from the recipientfilter section. Tony
Free Windows Admin Tool Kit Click here and download it now
July 3rd, 2009 1:48am

Sounds like the problem is that the LDAP attribute employeeType is not a "filterable property"...i think that is correct. Unless there's some magic lurking under the covers seems there are two choices; move the data from employeeType to a customAttribute, or...still have an Exchange 2003 box around...?
July 3rd, 2009 2:02am

Good call Alex. I missed the employeeType first time round.
Free Windows Admin Tool Kit Click here and download it now
July 3rd, 2009 6:01am

LDAP syntax filters are supported in Exchange 2007 and will exist only on objects that have been migrated from Exchange 2003 or earlier. If you want to edit the LDAP filter from an Exchange 2007 server, you must upgrade these LDAP filters to the OPATH syntax. For example, if you have Exchange 2003 and Exchange 2007 servers in your organization, you can manage the LDAP syntax filter from an Exchange 2003 server. However, you cannot manage or create LDAP syntax filters in Exchange 2007 ------------Refer to < Upgrading Custom LDAP Filters to OPATH Filters> Per my local test, we cant create new address list with employeetype. You may take Alexs suggestion to use customAttribute. With ADModify tool, we can set the customAttribute in bulk
July 3rd, 2009 9:10am

Well this is hardly an answer. Microsoft dumbed down exchange 2007 by switching to OPATH which can't do what exchange 2003 could do with LDAP querries. There are several other necessities that they pulled out as well. Delivery options and secheduling on Send Connectors springs to mind.It just doesn't make sense to have removed the LDAP filtering. Duplicating attributes creates one more step that needs to be undertaken. In my case that work has to be done by another team who is already overworked. The data is there and it "should" be usable in an ldap filter. Again to me OPATH seems like a big step backwards.
Free Windows Admin Tool Kit Click here and download it now
September 29th, 2009 4:11am

On Tue, 29-Sep-09 01:11:03 GMT, williamtholmes wrote:>Well this is hardly an answer. Agreed.>Microsoft dumbed down exchange 2007 by switching to OPATH which can't do what exchange 2003 could do with LDAP querries. It's what comes of asking 'typical' admins what they want. Typicallythey want it to be 'easy'. OPATH is more convenient to use theproperties the _designers_ chose to use. For the rest of us (thosewith DDLs that make use of properties added to the AD schema, or we're screwed.I've had to get rid of (more than) a few DDLs and replace them withstatic DLs that are populated by scripts -- and those scripts (which Itried to write in Powershell) were written in Perl. Powershell has tofall back to using ADSI (using either LDAP or WinNT providers) toaccomplish many things (unless you're willing to wade through all the..Net framework junk). Seems to me that Powershell 1.0 made life moredifficult. Let's hope that 2.0 does better (after going throughexisting scripts to fix them up for the new set of cmdlets).backwards. Not for everyone, but certainly for me and you. :-)---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP
September 29th, 2009 4:58am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics