Home Forums SQL Server 2005 T-SQL (SS2K5) Querying Active directory RE: Querying Active directory

  • April 19, 2015 at 4:52 pm

    #1791899

    Hi asene, are you able to successfully query any other objects in the AD?

    Are you able to get results from the group that is not nested, or any group with no nested groups as members?

    To check AD access permissions, can you get the results you desire using ldife or powershell?

    It took me a little while to get a query to return results on my test server. You may have tried this but I notice that I need to pass the select statement in to the linked server also. So it would look something like -

    SELECT adspath,displayName,givenName,cn

    FROM OPENQUERY(ADSI

    , 'SELECT adspath,displayName,givenName,cn

    FROM ''<LDAP://DC=IPPM,DC=QC,DC=CA>''

    WHERE (&(objectCategory=Person)(objectClass=User)

    (!(userAccountControl:1.2.840.113556.1.4.803:=2))(memberof:1.2.840.113556.1.4.1941:=CN=GROUPE ACCES APPLICATION OAS GESTIONNAIRES,

    OU=OAS,OU=PROJET_COMMUN,OU=Applications,OU=Groupes,DC=IPPM,DC=QC,DC=CA));adspath,displayName,GivenName,cn;subtree')

    -- FROM ''<LDAP://ippm.qc.ca/DC=IPPM,DC=QC,DC=CA>''

    I am unsure why but the domain root syntax I commented out I had to use to get it to work for me.