LDAP query for SQL databses in AD

I have an AD environment which has many rogue servers and services attached. I am needing to query AD for various databases: SQL, Oracle and DB2. I am unsure if any are registered in AD, but would like to look. I need some guidance on querying AD for registered databases.

Also, if there is a good MSDN (or other) resource for delving into the area of database registration with AD, I'd appreciate a point in the right direction.

Thank you,
John Darby
John DarbyPMAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

tnapolitanoConnect With a Mentor Commented:

Here is a link to vbscript that can search AD for instances of published MSSQL databases.

Ostensibly, the code is about publishing databases in AD programatically, but the scripts can also be used to search.

This, again, is dependent on the databases being published in AD in the first place.
Active Directory is a hierarchial database. The command line tool ldapsearch can be used to query active directory. This can be done from other systems like linux or unix box. Also there are tools which does LDAP queries.

Query Active Directory from the iSeries

Querying Active Directory using .NET classes and LDAP queries

Also see these links about AD
Windows 2000 Active Directory

Oracle and Active Directory

Installing and Configuring Windows 2000 or 2003 DNS to Support Active Directory
It sounds like you want to search your network for databases and create an inventory of sanctioned/rogue DB's. Is that correct?

Active Directory is a directory, a catalog. Rogue databases may not necessarily be apart of your AD structure. Databases could reside on standalone systems.

What I would do is start with a port scan of the network (get some kind of sign-off/approval first).

One port scan utility (in my mind, the only one) is NMap (www.insecure.org).

SQL ports include MSSQL:1434, Oracle:1525, DB2:523, MySQL:3306. Start with those.

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Using PL/SQL it is possible to query LDAP

DBMS_LDAP - Accessing LDAP From PL/SQL

Building a Simple SQL Interface to any LDAP Server

LDAP queries are well and good, but there's no reason an unauthorized sql server would necessarily show up in Active Directory.

AD is a directory. A SQL Server is a system that an administrator would join to the domain, place in the directory. There is an Active Directory database (Ntds.dit) which provides the physical storage of all objects in the forest.

So, again, if it was me, I would start my search/inventory of SQL systems by port scanning. Next, Network Sniffing. Then ODBC sniffing (definately try to secure those ODBC connections, as all rx/tx are in clear-text).

John DarbyPMAuthor Commented:
I have been doing just that. However, I am looking for an LDAP query (will use it in ADUC) which will show me all registered databases in AD.

Thank you for your reply!

John DarbyPMAuthor Commented:
Thanks for the link...I am off to work, now!

John DarbyPMAuthor Commented:
I tried a custom query using the objectClass specified in the VBS file. Here is the query I formed...


However, this doesn't seem to produce any results. My Spotlight on SQL Enterprise finds registered SQL databases with no problem, but the interface doesn't reveal the LDAP queries it uses to acruire this data.

Any idea on correcting the above query to show registered SQL databases?


Try something like this:

objCommand.CommandText = "Select displayName from 'LDAP://CN=MS-SQL-SQLServer,CN=*,OU=<ComputersOU>,DC=adi,DC=swedish,DC=org'


sp_ActiveDirectory_SCP (Transact-SQL)

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.