Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

LDAP query in an ASP page 4

Status
Not open for further replies.

spaulding

Technical User
Jan 10, 2001
123
US
I'm trying to write an ASP page that will return a list of Active Directory User accounts that are disabled. I've written several ASP pages and am reasonably comfortable with that, but I've yet to use LDAP in the query. Below is the script I've started to put together. Part of it is from Microsoft TechNet and part is from a thread on this forum. Unfortunately, it doesn't work and returns the following error:
Provider error '80040e14'

One or more errors occurred during processing of command.

The message refers to line 13 which is the command.execute line. I figure this means my command.text line is out of whack, but I don't know enough about the syntax to figure it out.

I'd appreciate any help I can get.



<%@language=vbscript%>
<%
Const ADS_UF_ACCOUNTDISABLE = 2

Set objConnection = CreateObject(&quot;ADODB.Connection&quot;)
objConnection.Provider=&quot;ADsDSOObject&quot;

objConnection.Open &quot;Active Directory Provider&quot;
Set objCommand = CreateObject(&quot;ADODB.Command&quot;)
objCommand.ActiveConnection = objConnection
objCommand.CommandText = &quot;select distinguishedName, userAccountControl from 'LDAP://DC=FISD, DC=org' where objectCategory=User&quot;
Set objRecordset = Server.CreateObject(&quot;ADODB.Recordset&quot;)
Set objRecordSet = objCommand.Execute

intCounter = 0
While Not objRecordset.EOF
intUAC=objRecordset.Fields(&quot;userAccountControl&quot;)
If intUAC And ADS_UF_ACCOUNTDISABLE Then
response.write objRecordset.Fields(&quot;distinguishedName&quot;) & &quot; is disabled.&quot;
intCounter = intCounter + 1
End If
objRecordset.MoveNext
Wend

response.write &quot;A total of &quot; & intCounter & &quot; accounts are disabled.&quot;

objConnection.Close

%>
 
Hello again. I have an update on my post above. We have a test webserver, which is bascially a mirror (software-wise) of our live webserver. I joined our testserver to our domain and the script I posted above works perfectly. So I know the script above is not flawed. THe problem is our live webserver is not and never will be a member of our domain. If anyone can tell me how to make the above script work on a server that is not a member of the domain, please do tell. This is frustrating me to no end.
 
Thanks for the tip, but this code gives me:

Provider error '80040e09'

Permission denied.

I'm using the correct password, and I'm pretty sure the credentials are being passed correctly.

Code:
<%@ Language=VBScript %>
<%
Option Explicit
response.buffer = true
Dim conn,rs,Com,objADsPath,objDomain,objADOU,intUAC,SQLStmt
%>
<html>
<head>
</head>
<%
SQLStmt = "SELECT cn " & _
          "FROM 'LDAP://myldapserver.mydomain.com:389/o=mydomain.com' " & _
          "WHERE objectClass='*'"
Set Conn = CreateObject("ADODB.Connection")
Conn.Provider = "ADSDSOObject"
Conn.Open "ADs Provider","cn=administrator,ou=domainadmins,ou=useraccounts,o=whccd.com","password"
Set rs = Conn.Execute(SQLStmt)
Do While Not rs.EOF Or rs.BOF
   ReturnValue = rs.Fields(0)
   If IsArray(ReturnValue) Then
        For I = LBound(ReturnValue) To UBound(ReturnValue)
            If ReturnValue(I) <> "" Then
                Response.Write ReturnValue(I) & "<BR>"
            End If
        Next
   Else
        Response.Write ReturnValue & "<BR>"
   End If
   rs.MoveNext
Loop
%>
</body>
</html>
 
BTW: On the script above I removed "whccd.com" (our domain name) to make the script generic, but I forgot to remove it on one line. I *do* have the correct domain on every line in my code. ;)
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top