thefumbler
asked on
Query quandries with LDAP sql dialect syntax for Active Directory
I am using asp.net to get to the Active Directory GAL for Windows 2003 and Exchange information.
1) is the OR operator with parenthesis supported in the SQL dialect of LDAP?
This works but results don't reflect the msExchHideFromAddressLists or mail criteria:
strQuery = "SELECT cn,telephoneNumber,physica lDeliveryO fficeName, title,comp any,sn,obj ectClass, " _
& "from 'LDAP://MYSERVERl' " _
& "where objectClass='user' or objectClass='group' and msExchHideFromAddressLists <>TRUE and mail='*' " _
& "order by cn"
But this doesn't work and returns an error:
strQuery = "SELECT cn,telephoneNumber,physica lDeliveryO fficeName, title,comp any,sn,obj ectClass, " _
& "from 'LDAP://MYSERVER' " _
& "where (objectClass='user' or objectClass='group') and msExchHideFromAddressLists <>TRUE and mail='*' " _
& "order by cn"
2) And how do I limit the query to truly just 'users'?
My results above return more than just Objectclass=User, computer accounts are also included.
In ActiveDirectory Users and Computers, on a computer object on the 'Object' tab reports it as: "Computer"
BUT in ADSI that same object reports values in an array style list - the top one is 'computer' but the full list includes others:
Computer
OrganizationalPerson
Person
top
user
1) is the OR operator with parenthesis supported in the SQL dialect of LDAP?
This works but results don't reflect the msExchHideFromAddressLists
strQuery = "SELECT cn,telephoneNumber,physica
& "from 'LDAP://MYSERVERl' " _
& "where objectClass='user' or objectClass='group' and msExchHideFromAddressLists
& "order by cn"
But this doesn't work and returns an error:
strQuery = "SELECT cn,telephoneNumber,physica
& "from 'LDAP://MYSERVER' " _
& "where (objectClass='user' or objectClass='group') and msExchHideFromAddressLists
& "order by cn"
2) And how do I limit the query to truly just 'users'?
My results above return more than just Objectclass=User, computer accounts are also included.
In ActiveDirectory Users and Computers, on a computer object on the 'Object' tab reports it as: "Computer"
BUT in ADSI that same object reports values in an array style list - the top one is 'computer' but the full list includes others:
Computer
OrganizationalPerson
Person
top
user
ASKER
jhenry, your solution to #2 works great.
I don't quite understand #1 though - can you elaborate? Do you mean that I must also use the criteria in the field list of any LDAP query?
I don't quite understand #1 though - can you elaborate? Do you mean that I must also use the criteria in the field list of any LDAP query?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The error might because of unsupported attribute used in the criteria isn'by object returned from the query.
2) Try
SELECT [field list...]
FROM [yourAdsPath]
WHERE
objectCategory='person' AND objectClass='user' msExchHideFromAddressLists
ORDER BY cn