Looping over LDAP query

This example uses the “Active Directory LDAP” plugin.

My question is - is there a more efficient way to do this:

First, I run an LDAP query to get all OUs (ou=*). I loop over each distinguished name in the results -
{{[“Loop OUs”].[$item].[dn]}}, and run another LDAP query within the loop to get computer information.

The workflow ends up looping over that LDAP query 300+ times and it takes 1-2 hours to complete. When I run it locally on my pc it takes like 10 minutes to run.

Thanks!

Let me play around with this and see if I can figure out a different way to do it.

1 Like

Thank you!

Does every single OU have computers in it?

This is part of what I am trying to figure out. It’s a mess. To answer your question - nope!

My ultimate goal is to find devices in our environment that don’t have our required security tools installed on them.

I feel your pain, I had to do this at my last place it is not an easy task. I am still trying to figure out a way to simplify/speed up the process for you. I will let you know what I find out.

1 Like

Do you need the OUs? You should be able to run the initial query and use (&(objectClass=computer)) as your search filter and it will return everything on the Search Base you are searching including OU

3 Likes

Thank you!

I will try that Michael - thank you very much for your help on this.

Your welcome, it took my time down from 43 seconds to 4 seconds to run the workflow. Much smaller search base for me but that should help. Let me know how it turns out.

1 Like

So, that did the trick. I removed the loop portion, combined everything from the query within the loop with the first step and removed the OU part of the search filter. It was significantly faster. We have now crossed mile 1 of 26. My plan is to bring in a lot more data sources into this workflow and combine everything together, filter, sort, group, remove dupes, etc, and hopefully have this whole thing automated and thheeeeeen start figuring out what doesn’t have our security tools on them!

Thank you again. Might keep this post updated with my progress as I think it can be useful to other peoples as I continue to build it out.

2 Likes

Awesome, if you need anymore help don’t hesitate to ask. Good luck, I know from experience it is a daunting task.

2 Likes

Daunting is a good word for it. I appreciate it, I’ll reach out if I have any questions. I most likely will have questions at some point, thank you!!