(imported topic written by Keverhar)
I am trying to build an analysis that will return the value of extensionAttribute7 from Active Directory for the last logged on user. The results will be either 1 or 2 character alphanumeric strings.
We’re already obtaining this information from the Windows computers by reading the value in a VBS and writing it to the registry but our environment is about 20% Mac OS, so I’m thinking that I need to query AD directly in a manner similar to doing a query for CN or OU but I can’t identify what inspector context to use or what the syntax might be.
Any ideas?