LDAP Query with ADODB returns error on querying custom attributes : LDAP, NA, NA

May 17, 2008 02:42am pdt

1. Chris-Dent 7,950
2. Nopius 4,350
3. JimboEfx 3,000
4. ahoffmann 2,500
5. SysExpert 2,000
5. msghaleb 2,000
5. vs1784 2,000
5. merowinger 2,000
5. shasunder 2,000
5. maxis2cute 2,000
5. PeteJThomas 2,000
5. nfmartins 2,000
5. viperman... 2,000
5. Darylx 2,000
5. Paka 2,000
5. PeteLong 2,000
5. mankowitz 2,000
5. noci 2,000

1. Chris-Dent 10,950
2. Nopius 9,850
3. toniur 6,000
3. rama_kri... 6,000
5. sirbounty 3,635
6. farhankazi 3,500
7. tmassa99 3,000
7. JimboEfx 3,000
9. LauraEHu... 2,750
10. ahoffmann 2,500
10. HonorGod 2,500
12. RobSampson 2,300
13. nfmartins 2,000
13. objects 2,000
13. ravs 2,000
13. SysExpert 2,000
13. bbao 2,000
13. veedar 2,000
13. merowinger 2,000
13. PeteLong 2,000
13. mankowitz 2,000
13. noci 2,000
13. msghaleb 2,000
13. Kate12 2,000
13. frashii 2,000
13. kbratton1 2,000
13. vs1784 2,000
13. Darylx 2,000
13. maxis2cute 2,000
13. PeteJThomas 2,000
13. shasunder 2,000
13. MSE-dwells 2,000
13. jcoombes 2,000
13. bahmane 2,000
13. Pber 2,000
13. Paka 2,000
13. alextoft 2,000
13. BigSchmuh 2,000
13. viperman... 2,000

02.22.2008 at 07:52PM PST, ID: 23186562

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.2

LDAP Query with ADODB returns error on querying custom attributes

Zones: Lightweight Directory Access Protocol (LDAP), Miscellaneous Programming, VB Script

Tags: LDAP, NA, NA

Hello,
I am quering the LDAP directory of IBM Tivoli, and am using the following VBSCRIPT. The script below works fine. However, when I add one of our custom attributes to the query ...

Replacing: "(&(objectclass=*)(uid=cordnerd));cn,uid;subtree"
With: "(&(objectclass=*)(uid=cordnerd));cn,uid,tutuid;subtree"
I get the following error.
---------------------------
Windows Script Host
---------------------------
Script:      I:\VBS\GetLDAPData.VBS
Line:      26
Char:      5
Error:      Unspecified error
Code:      80004005
Source:       Provider

---------------------------
OK
---------------------------

Here's the whole script that works.
Dim conn
Dim com
Dim oRecordset
Dim sTmp
Dim ReturnValue

'*******************************
' Open the connection to LDAP
'*******************************

Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Properties("User ID") = "cn=TheMan"
conn.Properties("Password") = "thepassword"
Dim strCN
'conn.Open "LDAP Provider"
conn.Open "ADs Provider"

Set com = CreateObject("ADODB.Command")
Set com.ActiveConnection = conn
com.CommandText = "<LDAP://idprod4.ocis.temple.edu:1389/ou=0,ou=people," & _
"erglobalid=00000000000000000000,ou=Temple,dc=edu>;" & _
"(&(objectclass=*)(uid=cordnerd));cn,uid;subtree"
com.Properties("Page Size") = 100000
com.Properties("Timeout") = 60

Set oRecordset = com.Execute
wscript.echo oRecordset.recordcount

Do While Not oRecordSet.EOF
sTmp=""
For i = 0 To oRecordSet.Fields.Count-1

ReturnValue = oRecordSet.Fields(i)
If IsArray(ReturnValue) Then
For j = LBound(ReturnValue) To UBound(ReturnValue)
If ReturnValue(j) <> "" Then
sTmp=sTmp & "," & ReturnValue(j)
End If
Next

Else
End If

Next
wscript.echo sTmp
oRecordSet.MoveNext
Loop

Any help would be GREATLY appreciated.

--

Don

Start your free trial to view this solution

Question Stats

Zone: Database

Question Asked By: dcordner

Solution Provided By: dcordner

Participating Experts: 1

Solution Grade: A

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

02.22.2008 at 08:17PM PST, ID: 20963628

Rank: Genius

RobSampson:

Hi, I'm not sure if there are problems querying custom attributes in the schema or not....or, you may have to reference the actual Schema Master (or replicate the schema).

This code will tell you the schema master:
'===================
' This code prints the FSMO role owners for the specified domain.
' ------ SCRIPT CONFIGURATION ------
strDomain = "<DomainDNSName>" ' e.g. emea.rallencorp.com
' ------ END CONFIGURATION ---------

set objRootDSE = GetObject("LDAP://" & strDomain & "/RootDSE")
strDomainDN = objRootDSE.Get("defaultNamingContext")
strSchemaDN = objRootDSE.Get("schemaNamingContext")
strConfigDN = objRootDSE.Get("configurationNamingContext")

' PDC Emulator
set objPDCFsmo = GetObject("LDAP://" & strDomainDN)
Wscript.Echo "PDC Emulator: " & objPDCFsmo.fsmoroleowner

' RID Master
set objRIDFsmo = GetObject("LDAP://cn=RID Manager$,cn=system," _
& strDomainDN)
Wscript.Echo "RID Master: " & objRIDFsmo.fsmoroleowner

' Schema Master
set objSchemaFsmo = GetObject("LDAP://" & strSchemaDN)
Wscript.Echo "Schema Master: " & objSchemaFsmo.fsmoroleowner

' Infrastructure Master
set objInfraFsmo = GetObject("LDAP://cn=Infrastructure," _
& strDomainDN)
Wscript.Echo "Infrastructure Master: " & objInfraFsmo.fsmoroleowner

' Domain Naming Master
set objDNFsmo = GetObject("LDAP://cn=Partitions," & strConfigDN)
Wscript.Echo "Domain Naming Master: " & objDNFsmo.fsmoroleowner
'===================

Then, when you find the schema master, try running this query:
strSchemaMaster = "<DCNAME>" ' change this to your schema master name
com.CommandText = "<LDAP://" & strSchemaMaster & "/idprod4.ocis.temple.edu:1389/ou=0,ou=people," & _
"erglobalid=00000000000000000000,ou=Temple,dc=edu>;" & _
"(&(objectclass=*)(uid=cordnerd));cn,uid,tutuid;subtree"

Or, if that still doesn't work, try using this query to get the adsPath, then binding to the user to get the custom attribute.

com.CommandText = "<LDAP://" & strSchemaMaster & "/idprod4.ocis.temple.edu:1389/ou=0,ou=people," & _
"erglobalid=00000000000000000000,ou=Temple,dc=edu>;" & _
"(&(objectclass=*)(uid=cordnerd));cn,uid,adsPath;subtree"

Do While Not oRecordSet.EOF
Set objUser = GetObject(oRecordSet.Fields("adsPath").Value)
strCustom = objUser.tutuid
oRecordSet.MoveNext
Loop

Regards,

Rob.

Assisted Solution

02.22.2008 at 11:05PM PST, ID: 20963977

dcordner:

Well, the LDAP servers aren't Windows servers, so I'll ask as to which server holds the schema, but I believe it is the one in already being used in the code.

I tried the Do loop. It returns an error about "Item not found in colleciton".

02.23.2008 at 03:14AM PST, ID: 20964534

Rank: Genius

RobSampson:

Oh yeah, I overlooked the IBM Tivoli bit... See if this article can give you any further pointers....the OpenDSObject method may work better....:
http://support.microsoft.com/kb/q251195/

Or, is there a specific provider other than ADsDSOObject that you need to use?

Rob.

Assisted Solution

04.22.2008 at 03:02PM PDT, ID: 21415987

dcordner:

OK. For all who might care, I'm sorry it took me so long to post my solution.

The problem I was encountering finds its roots in the limits of ADSI. As per MS article 251195, ADSI uses the subschema information to expose the proper interfaces for a given class, and to retrieve attributes in the correct syntax from the property cache.

If ADSI is unable to locate or properly validate the subschema information, it uses the default LDAP version 2 schema. Because LDAP version 2 servers do not expose a subschema, ADSI maintains schema information internally about many standard attributes and classes. If ADSI uses the default version 2 schema, it does not have access to nonstandard schema information, including custom classes or attributes that have been created on the server.

My solution was acheived through using .Net. In particular, VB.Net from Visual Studio 2005 Pro. You download the free version of Visual Stidio from the MS web site, and it will have all the functionality you need as well because of the .Net Framework.

At any rate, here's the code that I used to bypass ADSI and access the LDAP APIs a different way using VB.Net.

The line "Imports System.DirectoryServices.Protocols" in the code below accesses the APIs needed to bypass ADSI.

I'm sorry that the code is not commented. I'll try to come back and post a commented version later.

Paste into the General Declarations section of a new form.

Imports ActiveDs
Imports System
Imports System.Data
Imports System.Data.SqlClient
Imports System.DirectoryServices
Imports System.DirectoryServices.Protocols

Public Class Main
Const connectionString As String = "Server=SQLServerName;Integrated Security=True;Database=DatabaseName"
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
LDAPLookup()
End Sub
Sub LDAPLookup()
Dim myComputer As String = "ldapserver.mycompany.com"
Dim ldapConnection As New System.DirectoryServices.Protocols.LdapConnection("ldapserver.mycompany.com:389")
Dim networkCredential As New System.Net.NetworkCredential("cn=root", "password")
Dim fido As New System.DirectoryServices.Protocols.SearchRequest
Dim carcass As System.DirectoryServices.Protocols.SearchResponse
Dim bones As System.DirectoryServices.Protocols.SearchResultEntryCollection
Dim bone As System.DirectoryServices.Protocols.SearchResultEntry
Dim LDAPRecordCount As Integer, SQLRecordCount As Integer
Dim uid As String, customattribute1 As String, customattribute2 As String
Dim sn, givenname, cn, customattribute3, customattribute4, customattribute5 As String
Dim TimeBegin As Date, TimeEnd As Date
Dim RecordsAdded As Long

'Try
ldapConnection.AuthType = AuthType.Basic
ldapConnection.Credential = networkCredential
ldapConnection.Timeout = New TimeSpan(0, 0, 60)
ldapConnection.SessionOptions.SecureSocketLayer = False
ldapConnection.SessionOptions.ProtocolVersion = 3
ldapConnection.AutoBind = True
ldapConnection.Bind(networkCredential)
TimeBegin = Now()
fido.Scope = Protocols.SearchScope.Subtree
fido.DistinguishedName = "ou=people,dc=mycompany,dc=com"
fido.Filter = "(&(objectclass=person)(cn=userID*))"
carcass = ldapConnection.SendRequest(fido)
LDAPRecordCount = carcass.Entries.Count
bones = carcass.Entries
Dim da1 As New SqlDataAdapter()
Dim ds1 As New DataSet()
Dim da3 As New SqlDataAdapter()
Dim ds3 As New DataSet()
Dim da4 As New SqlDataAdapter()
Dim ds4 As New DataSet()
Dim conn As New SqlConnection()
conn = New SqlConnection(connectionString)
Dim sql01 As String = "select * from MyTable"
da1 = New SqlDataAdapter(sql01, conn)
da1.Fill(ds1)
ds1.DataSetName = "Tables001"
ds1.Tables(0).TableName = "Table001"
SQLRecordCount = ds1.Tables("Table001").Rows.Count
Dim sql03 As String = "select * from GlobalValues where ID = 1"
da3 = New SqlDataAdapter(sql03, conn)
da3.Fill(ds3)
ds3.DataSetName = "Tables001"
ds3.Tables(0).TableName = "Table001"
Dim sql04 As String = "select * from LDAPDataRefresherLog"
da4 = New SqlDataAdapter(sql04, conn)
da4.Fill(ds4)
ds4.DataSetName = "Tables001"
ds4.Tables(0).TableName = "Table001"
RecordsAdded = 0
For Each bone In bones
uid = bone.Attributes.Item("uid")(0)
tutuid = bone.Attributes.Item("tutuid")(0)
tutunic = bone.Attributes.Item("tutunic")(0)
sn = bone.Attributes.Item("sn")(0)
givenname = bone.Attributes.Item("givenname")(0)
cn = bone.Attributes.Item("cn")(0)
tuquestion1 = bone.Attributes.Item("tuquestion1")(0)
tuanswer1 = bone.Attributes.Item("tuanswer1")(0)
erpswdlastchanged = bone.Attributes.Item("erpswdlastchanged")(0)
Dim ds2 As New DataSet()
Dim sql02 As String = "select distinct * from TivoliUsersUpdatedPasswords WHERE AccessNetID = '" & uid & "'"
Dim da2 As SqlDataAdapter = New SqlDataAdapter(sql02, conn)
da2.Fill(ds2)
da2.Dispose()
ds2.DataSetName = "Tables001"
ds2.Tables(0).TableName = "Table001"
Select Case ds2.Tables("Table001").Rows.Count
Case Is >= 1
'TheText = ds2.Tables("Table001").Rows(0).Item("AccessNetID")
'If UCase(TheText) = UCase(uid) Then
'SQLRecordCountSingle = 1
'Else
'SQLRecordCountSingle = 0
'End If
Case Else
Dim Table001NewRow As DataRow = ds1.Tables("Table001").NewRow
Table001NewRow("UID") = uid
Table001NewRow("EmailAddress") = uid & "@mtcompany.com"
Table001NewRow("customattribute1") = customattribute1
Table001NewRow("customattribute2") = customattribute2
Table001NewRow("LastName") = sn
Table001NewRow("FirstName") = givenname
Table001NewRow("cn") = cn
Table001NewRow("customattribute3") = customattribute3
Table001NewRow("customattribute4") = customattribute4
Table001NewRow("customattribute5") = customattribute5
ds1.Tables("Table001").Rows.Add(Table001NewRow)
Dim cmd As New SqlCommandBuilder(da1)
da1.Update(ds1, "Table001")
RecordsAdded = RecordsAdded + 1
End Select

Next
TimeEnd = Now()

Dim BuilderDa3 As SqlCommandBuilder = New SqlCommandBuilder(da3)
BuilderDa3.GetUpdateCommand()
da3.UpdateCommand = BuilderDa3.GetUpdateCommand()
ds3.Tables("Table001").Rows(0).Item("ReportingPWDResetDateLastUpdate") = TimeEnd
da3.Update(ds3, "Table001")

Dim Ds4Table001NewRow As DataRow = ds4.Tables("Table001").NewRow
Ds4Table001NewRow("DateTimeBegin") = TimeBegin
Ds4Table001NewRow("DateTimeEnd") = TimeEnd
Ds4Table001NewRow("RecordsAdded") = RecordsAdded
ds4.Tables("Table001").Rows.Add(Ds4Table001NewRow)
Dim cmd2 As New SqlCommandBuilder(da4)
da4.Update(ds4, "Table001")
'Catch ex As Exception
'End Try
Me.Close()
End Sub

End Class

Accepted Solution

20080236-EE-VQP-29 / EE_QW_2_20070628