Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Active Directory Query


Active Directory Query

Author
Message
JuanBob
JuanBob
SSC Veteran
SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)

Group: General Forum Members
Points: 244 Visits: 269

Is it possible to query Active Directory for user account information?   I thought I heard something about an Extended Stored Proc that did something similar to this.

Thanks!


noeld
noeld
SSCertifiable
SSCertifiable (6.3K reputation)SSCertifiable (6.3K reputation)SSCertifiable (6.3K reputation)SSCertifiable (6.3K reputation)SSCertifiable (6.3K reputation)SSCertifiable (6.3K reputation)SSCertifiable (6.3K reputation)SSCertifiable (6.3K reputation)

Group: General Forum Members
Points: 6320 Visits: 2048

http://support.microsoft.com/default.aspx?scid=kb;en-us;299410
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/distributed_query.asp
http://msdn.microsoft.com/library/en-us/adsi/adsi/distributed_query.asp?frame=true

 

Cheers,

 




* Noel
JuanBob
JuanBob
SSC Veteran
SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)

Group: General Forum Members
Points: 244 Visits: 269

Thank you for the links.  I did find those, but I seem to still be missing something.  Do I just simply run the sp below, or do I still need to do some additional configurations?

EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5',
'ADSDSOObject', 'adsdatasource'

Thanks again!


JuanBob
JuanBob
SSC Veteran
SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)

Group: General Forum Members
Points: 244 Visits: 269

Here is some more information:

PDC: Windows 2003 Server

SQL Server 2000 on Windows 2000 Server 

I executed the sp to add the linked server using the exact same verbage listed on that page.

I then executed the next query to specify the user and password since we use Mixed Mode.  I used the domain administrator account. 

I then executed the query to return the users.  That returns this error:

Server: Msg 7321, Level 16, State 2, Procedure viewADContacts, Line 3
An error occurred while preparing a query for execution against OLE DB provider 'ADSDSOObject'.
OLE DB error trace [OLE/DB Provider 'ADSDSOObject' ICommandPrepare:repare returned 0x80040e14].
Server: Msg 208, Level 16, State 1, Line 1
Invalid object name 'viewADContacts'.

 

What are the steps I'm missing?  Thank you!!

 

 


Coriolan
Coriolan
SSC-Enthusiastic
SSC-Enthusiastic (137 reputation)SSC-Enthusiastic (137 reputation)SSC-Enthusiastic (137 reputation)SSC-Enthusiastic (137 reputation)SSC-Enthusiastic (137 reputation)SSC-Enthusiastic (137 reputation)SSC-Enthusiastic (137 reputation)SSC-Enthusiastic (137 reputation)

Group: General Forum Members
Points: 137 Visits: 349

You can try this SQL query:

 

select *  FROM OPENROWSET('ADSDSOObject',
 'adsdatasource;', 'SELECT  cn, mail, co, distinguishedName, displayName
 FROM ''xxxxxxxxxxxxxxxxxx'' where objectClass = ''User'' ')

 

Note that xxxxxxxxxxxxxxxx can be 
 GC://something.com or LDAP://something.com where something.com is an Active directory server.


JuanBob
JuanBob
SSC Veteran
SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)SSC Veteran (244 reputation)

Group: General Forum Members
Points: 244 Visits: 269
That worked perfectly, thanks!
mosaic-287947
mosaic-287947
SSC Veteran
SSC Veteran (220 reputation)SSC Veteran (220 reputation)SSC Veteran (220 reputation)SSC Veteran (220 reputation)SSC Veteran (220 reputation)SSC Veteran (220 reputation)SSC Veteran (220 reputation)SSC Veteran (220 reputation)

Group: General Forum Members
Points: 220 Visits: 806
Note that there is a resultset size threshold (normally 5000) on LDAP queries, set at the domain level. If you have more users, the OPENROWSET part of the query will always return exactly 5000 rows - no error message.
Mamoon Seth
Mamoon Seth
Forum Newbie
Forum Newbie (3 reputation)Forum Newbie (3 reputation)Forum Newbie (3 reputation)Forum Newbie (3 reputation)Forum Newbie (3 reputation)Forum Newbie (3 reputation)Forum Newbie (3 reputation)Forum Newbie (3 reputation)

Group: General Forum Members
Points: 3 Visits: 3

I used your sp:

EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'

And ran the query against it on MS SQL 2000 it works fine, but when I repeat the same steps on MS SQL 2005 the server executes the sp just fine. The query is what fails with the following error:

Msg 7321, Level 16, State 2, Line 1

An error occurred while preparing the query "SELECT cn, mail, co, distinguishedName, displayName FROM 'LDAP://presidioad/DC=presidio,DC=corp' where mail = 'm@m.com' " for execution against OLE DB provider "ADSDSOObject" for linked server "(null)".

I'm runing the sp like this:

EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'

Any suggestions?

 

Thanks,

Mamoon


Shane Clarke
Shane Clarke
Grasshopper
Grasshopper (20 reputation)Grasshopper (20 reputation)Grasshopper (20 reputation)Grasshopper (20 reputation)Grasshopper (20 reputation)Grasshopper (20 reputation)Grasshopper (20 reputation)Grasshopper (20 reputation)

Group: General Forum Members
Points: 20 Visits: 99

Just checking.  Are your 2005 services running as a local user? 

If this is the case change your linked server to connect as a domain user with relevent AD Query access rights (or change services to run as a domain user with relevent AD Query access rights). 


Vortex-320092
Vortex-320092
Forum Newbie
Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)

Group: General Forum Members
Points: 5 Visits: 128
Folks,



I have the same problem here, but the solutions provided solved the problem... while running the query on the server.



select * FROM OPENROWSET('ADSDSOObject',

'adsdatasource;', 'SELECT cn, mail, co, distinguishedName, displayName

FROM ''LDAP://myDomain.lan'' where objectClass = ''User'' ')




If i try to run the same query using SSMS on any desktop accessing this server, I get this error:



Msg 7321, Level 16, State 2, Line 1

An error occurred while preparing the query "SELECT cn, mail, co, distinguishedName, displayName

FROM 'LDAP://myDomain.lan' where objectClass = 'User' " for execution against OLE DB provider "ADSDSOObject" for linked server "(null)".






If I try the other solution



select * from openquery

(ADSI,'SELECT name

FROM ''LDAP://myDomain.lan''

WHERE objectCategory = ''Person'' AND objectClass = ''user''')




I get the same weird error people complain about:



Msg 7321, Level 16, State 2, Line 1

An error occurred while preparing the query "SELECT name

FROM 'LDAP://myDomain.lan'

WHERE objectCategory = 'Person' AND objectClass = 'user'" for execution against OLE DB provider "ADsDSOObject" for linked server "ADSI".




Any clues? Thanx!
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search