  1. #1
    SitePoint Enthusiast
    Join Date
    Sep 2006
    Posts
    68

    Accessing Info via LDAP

    This problem is driving me round the bend.

    I'm building an Intranet system in ASP and need to access user info (Name, Delivery Address, Email, Phone etc) to display on departmental homepages. However, I'm having a nightmare actually getting the info via LDAP. Does anyone have any experience or advice with this? So far, my code looks like this...

    Code:
    ' Get Domain name from RootDSE object.
    Set objRootDSE = GetObject("LDAP://RootDSE")
    strDomain = objRootDSE.Get("DefaultNamingContext")
    
    sDomainADsPath = "LDAP://" & strDomain
    set connection = Server.CreateObject("ADODB.Connection")
    connection.provider = "ADsDSOObject"
    Connection.Open "ADSI"
    
    Set RS = Connection.Execute("SELECT name,ADsPath,displayname,physicaldeliveryofficename,department,telephonenumber,mail,title,samaccountname,description,member FROM " & sDomainADsPath & "WHERE sn='Surname'")
    
    While Not RS.EOF 
    	for i = 0 To RS.Fields.Count - 1
    		IF RS.Fields(i).Type = adVariant AND NOT (IsNull(RS.Fields(i).Value)) THEN 
    			FOR j = LBound(RS.Fields(i).Value) TO UBound(RS.Fields(i).Value)
    				Entry = Entry & RS.Fields(i).Value(j) & vbTab
    			NEXT 
    		ELSE 
    			Entry = Entry & RS.Fields(i).Value & vbTab
    		END IF 
    		
    		IF Index = RS.Fields.Count - 1 THEN 
    			Response.Write Entry & "<br>"
    		END IF 
    		Index = Index + 1 
    	next  
    	Entry = " " 
    	Index = 0
    	RS.MoveNext
    Wend
    However, I am just now getting '80072020' errors on line 12 (highlighted), and as I'm far from a network Admin man, I've really no idea what's going wrong.

    Once I've got the info and can display it, then I can think about filtering it by department. (i.e IF department = Information+Technology THEN Response.Write)

    I'd really appreciate if anyone can help on this, as it's the last hurdle in getting the intranet complete.

  2. #2
    SitePoint Wizard
    Join Date
    Nov 2004
    Location
    Nelson BC
    Posts
    2,310
    I never got anywhere with LDAP, did you check out this page?
    http://www.4guysfromrolla.com/webtech/041800-1.shtml

  3. #3
    SitePoint Enthusiast
    Join Date
    Feb 2005
    Posts
    42
    I fought with this for awhile and finally got it working. If you have a 2003 server you have to pass admin credentials, but I didn't when it was 2000. I also had to disable anonymous access to the directory through IIS, though this might just be because of my implementation.

    The following is my code for looking up user info by logon (sAMAccountName).
    Code:
    set conn = CreateObject("ADODB.Connection")
    conn.provider = "ADSDSOObject"
    conn.Properties("User ID") = "domain\login"
    conn.Properties("Password") = "password"
    conn.Properties("Encrypt Password") = True
    conn.open "ADs Provider"
    
    set gui = conn.execute("SELECT distinguishedName, givenName, sn, mail, description, physicalDeliveryOfficeName, telephoneNumber, l, postalCode, st, homePhone, streetAddress, displayName, department FROM 'LDAP://servername' WHERE objectClass='user' AND sAMAccountName='"&logonName&"'")
    Please feel free to ask any questions. I wrestled with this on and off for a week.

  4. #4
    SitePoint Enthusiast
    Join Date
    Sep 2006
    Posts
    68
    Thanks Kupo

    My biggest problem with getting this working is an unhelpful IT department. What I need to know first is what parts of the connection string need to be given to me by IT.

    For example, from the above 4guys example:

    Code:
    SQLStmt = "SELECT cn " & _
              "FROM 'LDAP://LDAPSERVER:1003/o=microsoft/ou=members' " & _
              "WHERE objectClass='*'"
    
    		Set Conn = CreateObject("ADODB.Connection")
    		Conn.Provider = "ADSDSOObject"
    			
    		Conn.Open "ADs Provider", _
    				  "cn=Administrator,ou=members,o=microsoft", _
    				   "secret"
    Obviously I need to know what my version of LDAP://LDAPSERVER is, but when asking for say, the value of o and ou, what should I ask for? I've tried sending the code to them to 'fill in', but they instead send me back 'clues' of what to do without offering any real assistance. I want to ask them in precise terms for the info I need. So I guess that would mean:

    LDAP:// ---------------------- LDAP Server
    o -----------------------------
    ou ----------------------------
    cn ----------------------------
    "secret" ----------------------- password?

    Also, I'm not wanting to access via objectClass but department, so I take it my WHERE would be for example:

    Code:
    WHERE department = 'Corporate+Communications'
    I'm afraid Networks are at the very edge of my expertise ;o)

  5. #5
    SitePoint Enthusiast
    Join Date
    Feb 2005
    Posts
    42
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Honestly, I tried to get the 4guys method to work for a few days then I scrapped it. I have pretty decent AD and ASP knowledge and I couldn't get it working.

    So all you really need from IT is an admin username and password and any server that AD/LDAP replicates to that you want to pull information from.

    And yes..
    Code:
    WHERE objectClass='user' AND department='department name'
    would work fine. I've found if you add the objectClass it makes searches faster because it only searches actual users instead of groups or anything else.

  6. #6
    SitePoint Enthusiast
    Join Date
    Sep 2006
    Posts
    68
    Cool, thanks. Appreciate the tips!

    I've started again based on your code (although I am told by IT that I am to filter by Group instead of department, but here I am testing with surname). However the following code gets a 80004005 error. Any thoughts as to why? I get the notion that it's some kind of permission error, but what permissions?

    Code:
    <%
    set objConnection = CreateObject("ADODB.Connection")
    objConnection.provider = "ADSDSOObject"
    objConnection.Properties("User ID") = *****
    objConnection.Properties("Password") = *****
    objConnection.Properties("Encrypt Password") = True
    objConnection.open "ADs Provider"
    
    set gui = objConnection.execute("SELECT distinguishedName, givenName, sn, mail, description, physicalDeliveryOfficeName, telephoneNumber, l, postalCode, st, homePhone, streetAddress, displayName, department FROM 'LDAP://mydomain.com' WHERE sn='name'")
    %>

  7. #7
    SitePoint Enthusiast
    Join Date
    Feb 2005
    Posts
    74
    I use this daily on an intranet
    Code:
    <%
      Dim oConn
    
      Sub connActiveDir(sLogonDomain, sLogon, sPassword)   
       Set oConn = CreateObject("ADODB.Connection")
       Set oRS = CreateObject("ADODB.Recordset")
       oConn.Open ("Data Source=Active Directory Provider;Provider=ADsDSOObject;" & _
                   "User ID=" & sLogonDomain & "\" & sLogon & ";password=" & sPassword & ";")    
      End Sub
    
      Function getDomain()  
       Set objRootDSE = GetObject("LDAP://RootDSE")
       sConfig = objRootDSE.Get("configurationNamingContext") 
       getDomain = objRootDSE.Get("defaultNamingContext")
      End Function
    
      Function getLogon()
       getLogon = (Mid(Request.ServerVariables("LOGON_USER"), _
             InStrRev(Request.ServerVariables("LOGON_USER"), "\") + 1))
      End Function  
    
      Function GetUserDepartment(sDomain, sLogon)
       Set oRS = oConn.Execute("SELECT department " & _
                               "FROM 'LDAP://" & sDomain & "' " & _
                               "WHERE samaccountname='" & sLogon & "'")
    
        If Not oRs.EOF Then
         GetUserDepartment = oRs("department")
        Else
         GetUserDepartment = "No Department Listed"
        End If
      End Function
    
    
      ' Call Function to connect to Active Directory
      ' Requires 3 parameters
      ' 1.)The domain you are logging on to
      ' 2.)A valid Active Directory Logon
      ' 3.)The password to logon to the (1.)Domain and signed under (2.)Logon
     
      connActiveDir "wallyworld", "joe.blow;", "%47%21323$"
      
      ' Call a function to simply display the department of a user that is Currently logged on
      Response.Write "Your Department - " & GetUserDepartment(getDomain, getLogon)
       
    %>
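
Posts #3 and #7 build the ADSI query by concatenating a logon name straight into the command text. The following added example (not code from any poster in this thread) validates or escapes the value first and uses the ADSI LDAP dialect; the helper names, the allow-list pattern and the `DC=example,DC=com` base are assumptions.

```vbscript
' Added example: hypothetical helper names, not code from the thread.

' Allow-list check for a logon name. The pattern is a conservative
' assumption; adjust it to your own account-naming policy.
Function IsValidLogon(sLogon)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9._-]{1,20}$"
    IsValidLogon = re.Test(sLogon)
End Function

' Escape a value for an LDAP search filter (RFC 4515).
' The backslash must be replaced first so later escapes are not doubled.
Function EscapeLdapFilterValue(sValue)
    Dim s
    s = Replace(sValue, "\", "\5c")
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    s = Replace(s, Chr(0), "\00")
    EscapeLdapFilterValue = s
End Function

' ADSI LDAP dialect: <base>;filter;attributes;scope
' Returns "" when the input is rejected; the caller must not execute it.
Function BuildUserQuery(sDomainDN, sLogon)
    BuildUserQuery = ""
    If Not IsValidLogon(sLogon) Then Exit Function
    BuildUserQuery = "<LDAP://" & sDomainDN & ">;" & _
        "(&(objectClass=user)(sAMAccountName=" & sLogon & "));" & _
        "displayName,department,mail,telephoneNumber;subtree"
End Function

' Free-text values such as a department name are escaped, and a ";" is
' rejected because it separates the four parts of the command text.
Function BuildDepartmentQuery(sDomainDN, sDept)
    BuildDepartmentQuery = ""
    If Len(sDept) = 0 Or InStr(sDept, ";") > 0 Then Exit Function
    BuildDepartmentQuery = "<LDAP://" & sDomainDN & ">;" & _
        "(&(objectClass=user)(department=" & EscapeLdapFilterValue(sDept) & "));" & _
        "displayName,mail,telephoneNumber;subtree"
End Function

' Constructed inputs for illustration.
Dim sGood, sBad
sGood = BuildUserQuery("DC=example,DC=com", "joe.blow")  ' full command text
sBad = BuildUserQuery("DC=example,DC=com", "jo*")        ' "" (wildcard rejected)
```

In an ASP page the block sits inside `<% ... %>`, and a non-empty result is passed to the same `Execute` call on the `ADsDSOObject` connection that the posts above already open.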

  8. #8
    SitePoint Enthusiast
    Join Date
    Feb 2005
    Posts
    42
    Zernan are you connecting to a 2000 or 2003 server? Yeah it sounds like a perm issue. What is the full 80004005 error you're getting?

