Is it possible to query Active Directory for user account information? I thought I heard something about an Extended Stored Proc that did something similar to this.
Thank you for the links. I did find those, but I seem to still be missing something. Do I just simply run the sp below, or do I still need to do some additional configurations?
EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'
Here is some more information:
PDC: Windows 2003 Server
SQL Server 2000 on Windows 2000 Server
I executed the sp to add the linked server using the exact same verbiage listed on that page.
I then executed the next query to specify the user and password since we use Mixed Mode. I used the domain administrator account.
I then executed the query to return the users. That returns this error:
Server: Msg 7321, Level 16, State 2, Procedure viewADContacts, Line 3
An error occurred while preparing a query for execution against OLE DB provider 'ADSDSOObject'.
OLE DB error trace [OLE/DB Provider 'ADSDSOObject' ICommandPrepare::Prepare returned 0x80040e14].
Server: Msg 208, Level 16, State 1, Line 1
Invalid object name 'viewADContacts'.
What are the steps I'm missing? Thank you!!
You can try this SQL query:
select * FROM OPENROWSET('ADSDSOObject', 'adsdatasource;', 'SELECT cn, mail, co, distinguishedName, displayName FROM ''xxxxxxxxxxxxxxxxxx'' where objectClass = ''User'' ')
Note that xxxxxxxxxxxxxxxx can be GC://something.com or LDAP://something.com where something.com is an Active Directory server.
I used your sp:
And ran the query against it on MS SQL 2000, and it works fine, but when I repeat the same steps on MS SQL 2005, the server executes the sp just fine. The query is what fails with the following error:
Msg 7321, Level 16, State 2, Line 1
An error occurred while preparing the query "SELECT cn, mail, co, distinguishedName, displayName FROM 'LDAP://presidioad/DC=presidio,DC=corp' where mail = 'firstname.lastname@example.org' " for execution against OLE DB provider "ADSDSOObject" for linked server "(null)".
I'm running the sp like this:
Just checking. Are your 2005 services running as a local user?
If this is the case, change your linked server to connect as a domain user with relevant AD Query access rights (or change services to run as a domain user with relevant AD Query access rights).
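The setup the last reply describes, as an added example that is not part of the original thread: the ADSI linked server is mapped to a dedicated read-only domain account instead of the domain administrator, and the mapping is checked before querying. The account name CORP\svc_adsi_read, the password placeholder and the LDAP path DC=example,DC=com are assumptions.

```sql
-- Added example; account, password and LDAP path are placeholders.

-- 1. Register the ADSI OLE DB provider as a linked server
--    (same call as in the thread, with named parameters).
EXEC sp_addlinkedserver
    @server     = 'ADSI',
    @srvproduct = 'Active Directory Services 2.5',
    @provider   = 'ADSDSOObject',
    @datasrc    = 'adsdatasource';

-- 2. Map local logins to a low-privilege domain account.
--    @locallogin = NULL applies the mapping to every local login,
--    so the remote account should hold directory read rights only.
EXEC sp_addlinkedsrvlogin
    @rmtsrvname  = 'ADSI',
    @useself     = 'false',
    @locallogin  = NULL,
    @rmtuser     = 'CORP\svc_adsi_read',   -- hypothetical account
    @rmtpassword = '<password>';           -- placeholder

-- 3. Confirm which remote account the linked server will use.
EXEC sp_helplinkedsrvlogin @rmtsrvname = 'ADSI';

-- 4. Query the directory through the linked server. The inner
--    statement is ADSI's SQL dialect; quotes inside it are doubled.
SELECT cn, mail, displayName, distinguishedName
FROM OPENQUERY(ADSI,
    'SELECT cn, mail, displayName, distinguishedName
     FROM ''LDAP://DC=example,DC=com''
     WHERE objectCategory = ''person'' AND objectClass = ''user''');
```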