ldap query without using ado

[markcc]

Im trying to query the W2K3 AD without using ADO, the reason is i cant upgrade MDAC as im on a live server farm. i get the error: Provider error '80004005'

Unspecified error

Ive tried many ways using ADO to no luck (though it works fine from my devel PC). Ive read that nstalling the newest version of MDAC solves the above problem, however i cant do this upgrade quickly. does anyone have any code that returns data from the AD with out using ADO?

 

[markcc]

i should add, i need to search the AD for a user name i.e the cn just having passed the SAMAccountName in the query

 

[travisbrown]

Can you set up a DSN?

 

[markcc]

i can on the fly, but not through the odbc manager.
if i know the full account details i can use something like
Set objUser = GetObject _
("LDAP://cn=Myerken,ou=Management,dc=NA,dc=fabrikam,dc=com")

response.write "User Principal Name: " & objUser.userPrincipalName
response.write "SAM Account Name: " & objUser.sAMAccountName
response.write "User Workstations: " & objUser.userWorkstations
Set objDomain = GetObject("LDAP://dc=NA,dc=fabrikam,dc=com")
response.write "Domain controller: " & objDomain.dc

and it works, but if i do

Dim adoCommand, adoConnection, strBase, strFilter, strAttributes
Dim objRootDSE, strDNSDomain, strQuery, adoRecordset
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
strFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" & login & "))"
strAttributes = "sAMAccountName,cn"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute

to search for a user, it fails on the execute

 

[markcc]

Ive used the below code to confirm MDAC Versions,
Dim objShell
Set objShell=Server.CreateObject("WScript.Shell")
response.write=objShell.RegRead("HKLM\Software\Microsoft\Dataaccess\Version")
strDBName


ive found that the live servers use version 2.82.1830.0 and my devel machine uses 2.81.117.0 so that rules out the MDAC version, does any have any ideas why the execute for the ldap query would fail on the live servers?

 

[Tarwn]

It could be a permissions error, maybe. is it possible your local server is using a domain user (like yourself) that has rights to AD and the live server is using the default (and local machine account) IUSR_machine account?
I don't know if you can do an impersonate qith the way your connecting, so the easiest way would be to change the page/directory/site in IIS to use windows authentication or change to anonymous user and assign it to use a domain account as the default user.

Best MS KB Ever:

http://support.microsoft.com/kb/555375

 

[markcc]

Thanks Tarwn, I can obtain the users AD login using Request.ServerVariables.Item("LOGON_USER") so i know the windows authentication is working.
Im developing on a XP machine with IIS local, upon which it works fine. the code drop doesnt work on W2K3 servers in the same directory.