Create a link to Active Directory in Oracle 10g and query the database for user info

Posted on 2007-03-23
Medium Priority
Last Modified: 2013-12-19
I come from a MS SQL background but I am jumping in head first into Oracle 10g.  I know how to created a "linked server" to an Active Directory domain (LDAP) in MS SQL, however I do not know how to do this in Oracle.  I was hoping that someone could offer a few tips and trix for me.  

Here is a sample of a query I have written for MS SQL so I am not even sure if this will work in Oracle or not (I am sure that some of the syntax may differ slightly so any tips on that will be appreciated as well)

      sAMAccountName As Login,
                        objectClass = ''user''') AS USERS

Any help would be much appreciated as I am in a bit of a time crunch.  Thnx...a
Question by:Atropa
  • 3
  • 3

Author Comment

ID: 18800420
Is this even possible from Oracle?  If it helps any we are also using "Toad".  I believe TOAD is similar to the SQL Admin tool.  I haven't seen in there how to create the connection yet to AD.  Really any help would be appreciated...a
LVL 18

Accepted Solution

Sham Haque earned 1000 total points
ID: 18806325
hi Atropa

i'm not sure that what you are trying to achieve is possible, at least not the way that you're envisaging.
I assume that you want to be able to "do" something with this data, or at least to read it.

You could use VBScript to accomplish your goals - using recordsets. This may not be the most efficient way to go, but it does provide you with a mechanism to transfer between AD and other data sources (incl Oracle :shock:)

Below is a routine I used for fetching AD recs (names, emails) to a SQL Server table for processing - this should give you something to chew on at least.....in place of the SQL Server connection, just use an Oracle provider, and give the TNS details to the connection.

Paste everything between the '***' lines into notepad, make the changes to suit your needs and environment, and save it with a ".vbs" extension - then run from a DOS prompt (not necessary - but easier to see when it doesn't work...!)

'On Error Resume Next
Const adOpenStatic = 3
Const adLockOptimistic = 3

Set objRootDSE = GetObject("LDAP://rootDSE")
strDomain = "LDAP://"& objRootDSE.Get("defaultNamingContext")

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

objCommand.CommandText = "<"& strDomain &">;(objectCategory=person)" & _
objCommand.Properties("Page Size") = 40000

Set objRecordSet = objCommand.Execute

'alter connection string for your Oracle db - see http://www.connectionstrings.com for guidance
set objSQLConn = CreateObject("ADODB.Connection")
objSQLConn.Open = "Provider=sqloledb;Data Source=rsmd-mbx-a19;Initial Catalog=UnverifiedAssetTool;Integrated Security=SSPI;"
objSQLConn.Execute "TRUNCATE TABLE tmpAddresses2"

set objRS2 = CreateObject("ADODB.Recordset")
objRS2.Open "SELECT * FROM tmpAddresses2",objSQLConn, adOpenStatic, adLockOptimistic

While Not objRecordSet.EOF
strUserDN = objRecordSet.Fields("DistinguishedName")
set objUser = GetObject("LDAP://"& strUserDN)

If instr(objUser.homemdb,"CN=") <> 0 then
if err.number<>0 then
msgbox err.Number & vbCrLf & err.Description
msgbox "Homemdb value is equal to " & objUser.Homemdb & "."
end if

on error resume next
For Each entry in objUser.GetEx("proxyAddresses")

If instr(entry,"X400") = 0 Then
proxy1 = replace(entry,"SMTP:","")
proxy1 = replace(proxy1,"smtp:","")

If instr(proxy1, "MBX:") = 0 Then
if instr(objuser.mailnickname," ") = 0 then

objRS2.Fields("username").Value = objuser.mailnickname
objRS2.Fields("fullname").Value = objuser.displayname
objRS2.Fields("fname").Value = objuser.givenname
objRS2.Fields("sname").Value = objuser.sn
objRS2.Fields("proxyaddr").Value = proxy1

End If
End If
End If

End If



Set objRootDSE = Nothing
set objRecordSet = Nothing
set objConnection = Nothing
set objCommand = Nothing
set objRS2 = Nothing
set objSQLConn = Nothing
set objUser = Nothing
set objOutputFile = Nothing
set objFSO = Nothing

wscript.Echo "All Done"


Author Comment

ID: 18826582
I appreciate the code for VB however that I knew how to do!  To give a wee bit more background I used to work for an organization that used only MS SQL Servers (2000 and 2005).  They used MS SQL because I set them up on MS SQL.  I now am with a company that uses only Oracle 10g.  

In MS SQL you could create a "linked server" using a dsn or a or JET or ADO connection to another data source such as another SQL Server, an Oracle Database, an Access DB or even a text file, etc...

To get information from Active Directory I would create a linked server to our domain and write a query like:

Select AD.* From OpenQuery(LinkedAD, 'Select sAMAccountName, displayName, GUID From ''LDAP://MYDC/OU=Companies,DC=MYCO,DC=COM'' WHERE objectClass = ''user''') As AD

Since I have been tasked with changing an application that interacts with an Oracle database I was hoping to modify the database to check my user tables and grab a personal identifier that the infrastructure group has created in AD and let the app know if the user has access to the it or not.  Obviously it gets even more complicated than just that which is precisely why I would like to handle as much of this in the database rather than fully re-writting the application.

So the short version of my question is really just, can I query Active Directory right from Oracle or do I ~HAVE~ to query AD from VB?  Thanks again...a
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 18

Expert Comment

by:Sham Haque
ID: 18835287
hi again atropa
see the links below for establishing a ODBC-DSN data source in Oracle:

Making a connection from Oracle to SQL Server

see section 3) Configuring Oracle to use ODBC (and below) in this article

In addition, you'll need to create a DSN to connect to your AD....
LVL 18

Expert Comment

by:Sham Haque
ID: 18835299
personally speaking, I would rather go down the VB route - it gets awfully messy working in Oracle with non-oracle data sources...
Alternatively, convince your new company that SS 2005 is the new 10g....

Author Comment

ID: 18836958
I would try and do that haq but I just learned about the table versioning which is an ENORMOUS benefit over MS SQL.  Had I had something like that over the years without having to create them myself...lets just say the possibilities are endless.

I do agree with you going the VB route, I just ~want~ to play around with it in Oracle as well to see what can be done.

Even with what I said above, I still miss MS SQL )c:

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever had to make fundamental changes to a table in Oracle, but haven't been able to get any downtime?  I'm talking things like: * Dropping columns * Shrinking allocated space * Removing chained blocks and restoring the PCTFREE * Re-or…
Shell script to create broker configuration file using current broker Configuration, solely for purpose of backup on Linux. Script may need to be modified depending on OS-installation. Please deploy and verify the script in a test environment.
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
This video shows how to recover a database from a user managed backup
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question