MikeBronner
Programmer
Could someone post an example of ASP code used to query LDAP without any proprietary components?
Thanks! Take Care,
Mike
Thanks! Take Care,
Mike
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Example of ASP LDAP query string? 14
- Thread starter MikeBronner
- Start date
- Status
question...if i do a
LDAP://sandc.ws in a web browser
it asks me to enter name or email to search in teh directory...i enter ny email and it says for me to check my connection.
is this normal?
im still trying to figure out why this thing donesnt work....
LDAP://sandc.ws in a web browser
it asks me to enter name or email to search in teh directory...i enter ny email and it says for me to check my connection.
is this normal?
im still trying to figure out why this thing donesnt work....
ok i got it to work...here is my code
i had to use basic authentication.
is there a way so that the user doesnt have to keep entering thier user name and login?
<%@ Language=VBScript %>
<%
Option Explicit
Dim strUsername,con,rs,Com,objADsPath,objDomain,name,telephonenumber,mail,WshShell
%>
<html>
<head>
</head>
<body>
<%
strUsername = Request.ServerVariables("auth_user")
response.write strUsername&"<br>"
strUserName = Right(strUserName, Len(strUserName) - InStrRev(strUserName, "\"))
Set objDomain = GetObject ("GC://rootDSE")
objADsPath = objDomain.Get("defaultNamingContext")
Set objDomain = Nothing
Set con = Server.CreateObject("ADODB.Connection")
con.provider ="ADsDSOObject"
con.open "Active Directory Provider"
Set Com = CreateObject("ADODB.Command")
Com.ActiveConnection = con
Set rs = Server.CreateObject("ADODB.Recordset")
response.write strUsername&"<br>"
response.write objADsPath&"<br>"
Com.CommandText ="select name,telephonenumber,mail from
'LDAP://OU=accounts,DC=toronto,"+objADsPath+"' where sAMAccountname='"+strUsername+"'"
response.write Com.CommandText&"<br>"
Set rs = Com.Execute
name=rs("name")
telephonenumber=rs("telephonenumber")
mail=rs("mail")
rs.Close
con.Close
Set rs = Nothing
Set con = Nothing
response.write name&"<br>"
response.write telephonenumber&"<br>"
response.write mail&"<br>"
%>
</body>
</html>
i had to use basic authentication.
is there a way so that the user doesnt have to keep entering thier user name and login?
<%@ Language=VBScript %>
<%
Option Explicit
Dim strUsername,con,rs,Com,objADsPath,objDomain,name,telephonenumber,mail,WshShell
%>
<html>
<head>
</head>
<body>
<%
strUsername = Request.ServerVariables("auth_user")
response.write strUsername&"<br>"
strUserName = Right(strUserName, Len(strUserName) - InStrRev(strUserName, "\"))
Set objDomain = GetObject ("GC://rootDSE")
objADsPath = objDomain.Get("defaultNamingContext")
Set objDomain = Nothing
Set con = Server.CreateObject("ADODB.Connection")
con.provider ="ADsDSOObject"
con.open "Active Directory Provider"
Set Com = CreateObject("ADODB.Command")
Com.ActiveConnection = con
Set rs = Server.CreateObject("ADODB.Recordset")
response.write strUsername&"<br>"
response.write objADsPath&"<br>"
Com.CommandText ="select name,telephonenumber,mail from
'LDAP://OU=accounts,DC=toronto,"+objADsPath+"' where sAMAccountname='"+strUsername+"'"
response.write Com.CommandText&"<br>"
Set rs = Com.Execute
name=rs("name")
telephonenumber=rs("telephonenumber")
mail=rs("mail")
rs.Close
con.Close
Set rs = Nothing
Set con = Nothing
response.write name&"<br>"
response.write telephonenumber&"<br>"
response.write mail&"<br>"
%>
</body>
</html>
The only way to make it so that the user is not initially prompted for a username and password is to use intergrated authentication. To successfully use this authentication method much needs to be taken into account. An article explaining some of this is located at:
I hope this helps
I hope this helps
zcolton,
could you help me, how to view department field using LDAP?
everytime I tried to get department data, I got "Unspecified Error".
here is my script.
<%
sub getXdata(xlogin)
Set cnvt = CreateObject("ADs.ArrayConvert")
set con=createobject("ADODB.Connection")
set rsLDAP = Server.CreateObject("ADODB.RecordSet")
con.provider="ADSDSOObject"
con.open
strSQL="<LDAP://dc=corp,dc=xxxxxxxxx,dc=com>;" &_
"(&(objectClass=user)(sAMAccountName="&xlogin &"));" &_
"mobile,mail,name,title,physicalDeliveryOfficeName,l,co,department;subtree"
rsldap.open strSQL,con,0,1,&H0001
while not rsldap.eof
For intLoop = 0 To rsldap.Fields.Count - 1
if rsLDAP(intLoop).type=12 and not isnull(rsLDAP(intLoop).value) then
cnvtvalue=cnvt.CStrArray(rsldap(intLoop).value)
for each itemvalue in cnvtvalue
select case intLoop
case 0 xHP=itemvalue
case 1 xmail=itemvalue
case 2 xname=itemvalue
case 3 xpos=itemvalue
case 4 xloc=itemvalue
case 5 xdept=itemvalue
end select
next
else
select case intLoop
case 0 xHP=rsldap(intLoop).value
case 1 xmail=rsldap(intLoop).value
case 2 xname=rsldap(intLoop).value
case 3 xpos=rsldap(intLoop).value
case 4 xloc=rsldap(intLoop).value
case 5 xdept=rsldap(intLoop).value
end select
end if
next
rsldap.movenext
wend
rsldap.close
con.close
end sub
%>
could you help me, how to view department field using LDAP?
everytime I tried to get department data, I got "Unspecified Error".
here is my script.
<%
sub getXdata(xlogin)
Set cnvt = CreateObject("ADs.ArrayConvert")
set con=createobject("ADODB.Connection")
set rsLDAP = Server.CreateObject("ADODB.RecordSet")
con.provider="ADSDSOObject"
con.open
strSQL="<LDAP://dc=corp,dc=xxxxxxxxx,dc=com>;" &_
"(&(objectClass=user)(sAMAccountName="&xlogin &"));" &_
"mobile,mail,name,title,physicalDeliveryOfficeName,l,co,department;subtree"
rsldap.open strSQL,con,0,1,&H0001
while not rsldap.eof
For intLoop = 0 To rsldap.Fields.Count - 1
if rsLDAP(intLoop).type=12 and not isnull(rsLDAP(intLoop).value) then
cnvtvalue=cnvt.CStrArray(rsldap(intLoop).value)
for each itemvalue in cnvtvalue
select case intLoop
case 0 xHP=itemvalue
case 1 xmail=itemvalue
case 2 xname=itemvalue
case 3 xpos=itemvalue
case 4 xloc=itemvalue
case 5 xdept=itemvalue
end select
next
else
select case intLoop
case 0 xHP=rsldap(intLoop).value
case 1 xmail=rsldap(intLoop).value
case 2 xname=rsldap(intLoop).value
case 3 xpos=rsldap(intLoop).value
case 4 xloc=rsldap(intLoop).value
case 5 xdept=rsldap(intLoop).value
end select
end if
next
rsldap.movenext
wend
rsldap.close
con.close
end sub
%>
Instead of objectClass=user try objectCategory=person but I don't think it will make a differnece. I have noticed that some people have been getting errors retrieving the department field as if it was a security problem even though other fields can be retrieved. I have never ran into the problem.
ZColton,
Need your expertise again... I'm pulling user information from ADS with no problem, but 1 thing I need to pull is the manager field, now thats simple, problem is im getting the full DN for the manager field, when all I want is the givenName and sn. I get OU=...,CN=..., and so forth, I figured a second query but that doesnt seem to be working for me. Any thoughts?
Thanks
CN
Need your expertise again... I'm pulling user information from ADS with no problem, but 1 thing I need to pull is the manager field, now thats simple, problem is im getting the full DN for the manager field, when all I want is the givenName and sn. I get OU=...,CN=..., and so forth, I figured a second query but that doesnt seem to be working for me. Any thoughts?
Thanks
CN
HisMightiness
Programmer
zcolton, first of all I want to express how impressed I am with you helping so many people. I have frequented many forums in the past year, but I have never seen anyone as helpful are you are in this one thread alone.
As with many of the previous Posters, I am new to this portion of ASP. Anyway, what exactly needs to be done to your phonebook files in order to allow them to work like the NJ school example in one of the posts above? One of your posts mention that nothing needs to be done now because it is dynamically done for us. However, when I have loaded your files into my directory, nothing happens. I get no errors, and all of the pages simply display the default message at the top of the screen.
As with many of the previous Posters, I am new to this portion of ASP. Anyway, what exactly needs to be done to your phonebook files in order to allow them to work like the NJ school example in one of the posts above? One of your posts mention that nothing needs to be done now because it is dynamically done for us. However, when I have loaded your files into my directory, nothing happens. I get no errors, and all of the pages simply display the default message at the top of the screen.
HisMightiness
Programmer
I am sorry. I forgot to add the basics. I created a director on my Win2kAdv Web Server. I checked basic authentication instead of windows integrated. I also had my Admin make sure that my anonymous account has the read-only access needed (he thinks it is done right anyway). I have not altered your code in anyway. We are running Active Directory. What else do you need to know?
HisMightiness,
Is you IIS server internet or intranet? - Is there anyway I can see the exact output you are getting?
A few comments -
Do you have the department field populated on your accounts?
Is your IIS server a domain member or controler?
Either go with Basic Authentication or anonymous.
For testing purposes: first set to basic, when it prompts for username and password, type in your domain username and password. See what happens. Then try using the username and password of the other domain account - the one that will be used as the anonymous account.
------------------------------------------------------------
CoolNutz,
I have not yet had the chance to take a look at your problem. I will get back to you. It's a bit busy around the office. I'm the only netadmin, 9 Win2k Servers, 1600 win98SE workstations, and I am migrating all 98 to XP this summer for next school year. I have been busy designing the entire AD tree fully configured with GPOs (and of course any and all software deployed will be done through GPO's only. - that's a lot of custom msi's for me to create - but that would be a different thread.)
Is you IIS server internet or intranet? - Is there anyway I can see the exact output you are getting?
A few comments -
Do you have the department field populated on your accounts?
Is your IIS server a domain member or controler?
Either go with Basic Authentication or anonymous.
For testing purposes: first set to basic, when it prompts for username and password, type in your domain username and password. See what happens. Then try using the username and password of the other domain account - the one that will be used as the anonymous account.
------------------------------------------------------------
CoolNutz,
I have not yet had the chance to take a look at your problem. I will get back to you. It's a bit busy around the office. I'm the only netadmin, 9 Win2k Servers, 1600 win98SE workstations, and I am migrating all 98 to XP this summer for next school year. I have been busy designing the entire AD tree fully configured with GPOs (and of course any and all software deployed will be done through GPO's only. - that's a lot of custom msi's for me to create - but that would be a different thread.)
Hello people,
I've done a simple asp identification form that check if a user exist against Active directory.
It takes username and password from the form then submit an sql query like this :
strSQL = "SELECT cn FROM 'GC://"+domainName+"' WHERE objectCategory='person' AND sAMAccountname ='"+userName+"' "
It works fine and return the complete name of the user.
Question: how can I know what group this user is a member of ?? (wich directory in the domain is he in)
What should be the sql ??
Thanks a lot for your time.
I've done a simple asp identification form that check if a user exist against Active directory.
It takes username and password from the form then submit an sql query like this :
strSQL = "SELECT cn FROM 'GC://"+domainName+"' WHERE objectCategory='person' AND sAMAccountname ='"+userName+"' "
It works fine and return the complete name of the user.
Question: how can I know what group this user is a member of ?? (wich directory in the domain is he in)
What should be the sql ??
Thanks a lot for your time.
- Status
Similar threads
- Locked
- Question
- Locked
- Question