Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


LDAP newbie trying to pull a list of groups + members w/ADO script

Posted on 2006-06-06
Medium Priority
Last Modified: 2010-04-30
I'm trying to create a list of all groups and membership from my domain, using the script found here:

I make it to line 62:
Set objGroup = GetObject("LDAP://" & strDN)

...at which point I get an 80005000 error (bad directory), source: (null).  strDN at that point is:

CN=/SHG - Metro PA Mgm,CN=PDP Collaboration Services Objects,OU=PDP_GALSYNC_Objects,DC=axp,DC=corp,DC=amexfa,DC=com

My extremely loose understanding of LDAP leaves me a little dry at this point.  I know the mess of DC= at the end is the defaultNamingContext of my RootDSE, and I know it's correct, but that's about all I know.  Any input would be appreciated.
Question by:Rakafkaven
  • 2
LVL 16

Assisted Solution

mdiglio earned 400 total points
ID: 16842232
The problem ios probably coming from the / in the group name
Does that group exist? I didn't think you could create a group like that.

Does this script error on the 1st time through or does it go through
several groups until it gets to this one?
LVL 71

Accepted Solution

Chris Dent earned 1600 total points
ID: 16842253

This bit represents the Path and Name of the object:

CN=/SHG - Metro PA Mgm,CN=PDP Collaboration Services Objects,OU=PDP_GALSYNC_Objects,

CN is a Container Object, those are normally reserved for objects like Users, Groups, Computers, etc. There are a couple of special ones like the Users Folder as well. OU is Organizational Unit, and that's the normal type for folders you create to put things in.

In the case above the error is caused by:

CN=/SHG ...

That extra / in there really messes up the directory path (technically it's an illegal character) for the script and for the script to work the character needs to be treated properly:

CN=\/SHG - Metro PA Mgm,CN=PDP Collaboration Services Objects,OU=PDP_GALSYNC_Objects,

The \ tells the script that it's part of the name and not to be treated as part of the path.

Fortunately there's a way around this:

objGroup.Get("distinguishedName") will always return the literal path, without any modifications to take care of illegal characters. objGroup.ADSPath on the other hand will return a usable path. To make that work in the script a couple of things need to be altered:

strQuery = "<LDAP://" & strDNSDomain _
  & ">;(objectClass=group);distinguishedName;subtree"

Needs changing to:

strQuery = "<LDAP://" & strDNSDomain _
  & ">;(objectClass=group);aDSPath;subtree"


  strDN = objRecordSet.Fields("distinguishedName")
  Set objGroup = GetObject("LDAP://" & strDN)

Needs changing to:

Set objGroup = GetObject(objRecordSet.Fields("aDSPath"))

If any of that isn't clear please let me know.


Author Comment

ID: 16842260
This is the first group.  I'll try throwing an InStr check before the directory call and see if I get better results.

Author Comment

ID: 16842455
Perfect!  the aDSPath solution worked.  Of course, my results are completely unreadable:

A3A0B63E8776453C962 (Global/Security)
   Member: 385008F11037446BA14 (User)
   Member: 0E0016186820401EBF8 (User)
   Member: 723803D5FCF1451196F (User)
   Member: 53C0B0383AD44C71A10 (User)
87117A422B4386B690D (Global/Security)
   Member: BC1B99EFF47F46D49D7 (User)
   Member: 4BCA7A31391B4A9C968 (User)

So there will be another question posted about that in about two minutes, if either of you are interested.  Either way, thanks!

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’ve seen a number of people looking for examples of how to access web services from VB6.  I’ve been using a test harness I built in VB6 (using many resources I found online) that I use for small projects to work out how to communicate with web serv…
If you have ever used Microsoft Word then you know that it has a good spell checker and it may have occurred to you that the ability to check spelling might be a nice piece of functionality to add to certain applications of yours. Well the code that…
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…
Suggested Courses
Course of the Month11 days, 2 hours left to enroll

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question