LDAP question

I am trying to retrieve all the entries from LDAP where Organizational unit is "Test Unit"

Here is the code I use:

Try
            Dim sPath As String = "LDAP://server1/DC=domain1,DC=com"
           
            Dim sDir As New DirectoryEntry(sPath, "admin", "temp")
            Dim sSearcher As New DirectorySearcher(sDir)
            Dim sSearchResultColl As SearchResultCollection
            Dim sSearchResult As SearchResult

            'Build LDAP query
           
             sSearcher.Filter = ("(&(ou=" & key & "))")
               
            sSearchResultColl = sSearcher.FindAll()

Then if I check sSearchResultColl.Count, I get 1 even though there are at least 4 entruies wher OU is "Test Unit"

What am I doing wrong?
LVL 35
YZlatAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ihenryCommented:
You mean the SearchResultCollection object returns 1 result even though there are 4 entries of OU with that name in the domain?

What happens if you use a query filter like:

sSearcher.Filter = String.Format( "ou={0}", key )
0
YZlatAuthor Commented:
Nope, still returning 1.

I have the following entries in my LDAP

LDAP://server1/CN=ENT2,OU=Test Unit,DC=domain1,DC=com
LDAP://server1/CN=ENT3,OU=Test Unit,DC=domain1,DC=com
LDAP://server1/CN=ENT4,OU=Test Unit,DC=domain1,DC=com
LDAP://server1/CN=ENT1,OU=Test Unit,DC=domain1,DC=com

and it returns

LDAP://server1/OU=Test Unit,DC=domain1,DC=com

0
YZlatAuthor Commented:
I think I see where the problem is:

LDAP://server1/CN=ENT2,OU=Test Unit,DC=domain1,DC=com
LDAP://server1/CN=ENT3,OU=Test Unit,DC=domain1,DC=com
LDAP://server1/CN=ENT4,OU=Test Unit,DC=domain1,DC=com
LDAP://server1/CN=ENT1,OU=Test Unit,DC=domain1,DC=com

All the entries above are the same, except CN value. I think my code somehow reads each entry starting from OU=Test Unit, so all the 4 entries seem the same. Is there a workaround, to read each entry completely?
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

ihenryCommented:
Apparently, the full DNS names are not showing that the objects are OU (OrganizationalUnit). That could be user objects, group objects, or other AD object types. The objectClass or objectCategory attribute have the information to determine type of AD object. From there, you can construct the correct query filter and use it in your LDAP search.
0
YZlatAuthor Commented:
I've tried

sSearcher.Filter = ("(&(objectClass=organizationalUnit)(ou=Test Unit))")

but got the same result
0
ihenryCommented:
This "OU=Test Unit,DC=domain1,DC=com" is an organizationalUnit.

and this "CN=ENT2,OU=Test Unit,DC=domain1,DC=com" is *not* an organizationalUnit object.

You can use a LDAP utility to look into the objectClass or objectCategory attribute of the object and see what is the value inside.
0
YZlatAuthor Commented:
so how would I filter the results on an Organizational unit "Test Unit" or on user "Test User"?

What I want is for my function to return a collection of objects from AD, depending on Organizational Unit or on the User that are passed to the function
0
ihenryCommented:
I might not have explained it to you clearly. I'm under impression that the structure of the OU is like this

-- Test Unit (OrganizationalUnit)
   |-- ENT1  (User or Group or other object type)
   |-- ENT2  (User or Group or other object type)
   |-- ENT3  (User or Group or other object type)
   |-- ENT4  (User or Group or other object type)

To find all objects under an OU you can just point the DirectoryEntry object to the OU's fully DN name, e.g.
Dim sDir As New DirectoryEntry("LDAP://domain.com/ou=test unit,dc=domain,dc=com"/, "admin", "temp")
with this filter: (cn=*)

To find all user objects under an OU, you can use this filter
(&(objectClass=user)(objectCategory=person))

To find all group objects under an OU, you can use this filter
(objectClass=group)
0
YZlatAuthor Commented:
but the question I have is
how do I find all objects that belong to a particular OU?
0
ihenryCommented:
My answer, as I have posted in my previous post, is to make use your original code in question. But instead pointing the DirectoryEntry object to the root domain, you need to get it pointed to the OU in which the object you're searching resides. And use the filter "(cn=*)" in the DirectorySearcher's Filter property.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.